We notice there are a few accounts that frequently get locked out due to multiple failed login attempt. We do not wish to remove the locked out function as this will give hackers more opportunity to attempt to guess the login password. Is there any better suggest to improve this?
I would like to take this opportunity to suggest some enhancements:
1. Add a 5 min delay after 3 failed login etc, instead of locking out an account.
2. Block the IP address that done too many failed login attempt unless it's trusted or internal IP.
3. Email alert when any of the above condition is met.
4. To have the origin IP in the Zimbra Admin Console to show source IP of the sender instead of completely useless info of 127.0.0.1 as origin ip for all email transactions
5. option to block IP, domain and email addresses in the MTA settings