Open-Xchange releases OX Abuse Shield v2.2.2

Open-Xchange is pleased to announce the release of OX Abuse Shield v2.2.2.

OX Abuse Shield provides abuse-prevention for Web Applications (including Webmail), POP, and IMAP. It is integrated with both OX App Suite and Dovecot Pro to prevent login and authentication abuse as well as protecting against brute-force attacks.

The goal of OX Abuse Shield is to detect brute forcing of passwords across many servers, services and instances, as well as enforce policy for authentication and authorization. In order to support the real world, brute force detection policy can be tailored to deal with "bulk, but legitimate" users of your service, as well as botnet-wide slow-scans of passwords.

The new OX Abuse Shield v2.2.2 provides the following fix:
  • Fix control socket leak when client closes connection immediately
The new OX Abuse Shield v2.2.2 provides the following main improvements:
  • StatsDBs can now be shared for better performance (man wforce.conf for more info)
  • StatsDB expiry thread now runs more often by default
  • StatsDB expiry thread sleep time is now configurable (man wforce.conf for more info)
  • Support for Kafka REST Proxy in webhooks (man wforce_webhook for more info)
A more detailed overview of the main functions and technical descriptions of OX Abuse Shield can be found at the Whitepaper under:

Shipped packages and versions:
- OX Abuse Shield v2.2.2

Complete Release Notes:

Download and Installation

For further details about OX Abuse Shield installation and configuration, mandatory and optional packages, policies, please refer to the documentation provided: