This restricts the AUTH mechanisms that are allowed for clients connecting over unencrypted channels.
Some AUTH mechanisms transmit passwords in an insecure way. You can restrict these mechanisms to only be allowed over
secured channels such as SSL or TLS
On/Off
false
Allowed Methods
This restricts the AUTH mechanisms that are allowed for clients. It requires a service restart to change the available mechanisms.
Note DIGESTMD5 is now obsoleted by RFC5802 - Salted Challenge Response Authentication Mechanism (SCRAM) with reasons mentioned in RFC6331
On/Off
PLAIN,LOGIN,NTLM,CRAMMD5
PLAIN+NTLM
Host
The hostname used for Authentication, e.g. mycomputer
<hostname>
Domain
The domain used for Authentication, e.g. domain.com
<domain>
FQDN
The FQDN used for Authentication, e.g. mail.domain.com
<FQDN>
Password Hacking
Action to take
You can automatically close the connection and optionally block the IP for clients that fail authentication
Off, Close Connection, Block IP
Off
Maximum Invalid Auths
This is the maximum number of invalid authentication attempts allowed
1 - 64
6
3
Block IPs that try to authenticate if disabled
Automatically block clients temporarily if they try to authenticate and authentication is disabled