SMTP Auth fails should be tracked using IPstore
uberbrady opened this issue · comments
Brady Wetherington commented
Look for SMTP Auth's, and failures.
Brady Wetherington commented
Still need password hash support of some sort still. But this is basically in there.
Brady Wetherington commented
(The password-hash feature is for this: If a user changes their password, and forgets to update all of their devices, that device will continually generate authentication failures. I want to distinguish between retrying the same password, over and over, versus trying a whole bunch of different passwords. So I figure store a hash of the old passwords that were attempted, and don't penalize the user if they retry one that they already had tried before)