Export (0) Print
Expand All
Expand Minimize

2.2.37 [RFC3501] Section 11.2, Other Security Considerations

V0059:

The specification states: "A server SHOULD have mechanisms in place to limit or delay failed AUTHENTICATE/LOGIN attempts."

Microsoft Exchange Server 2007, Microsoft Exchange Server 2010, Microsoft Exchange Server 2013

Microsoft Exchange Server allows four failed attempts before it drops the session. However, Microsoft Exchange does not have any cross-session limits.

Show:
© 2015 Microsoft