block IP address on failed login attemps
Is there any way to block an IP address on login failure rather than doing an account lockout? We have had to deal with a number of dictionary attacks on other systems, and the volume of attempts at times acts as a DOS with all the checks the server has to do.
I have used denyhosts with very good effect to prevent this problem with ssh:
I am hoping to find a similar solution for Zimbra where a certain number of failures will put the failing ip address in /etc/hosts.deny for a period of time.