This restricts the AUTH mechanisms that are allowed for clients connecting over unencrypted channels.
Some AUTH mechanisms transmit passwords in an insecure way. You can restrict these mechanisms to only be allowed over
secured channels such as SSL or TLS
This restricts the AUTH mechanisms that are allowed for clients. It requires a service restart to change the available mechanisms.
Note DIGESTMD5 is now obsoleted by RFC5802 - Salted Challenge Response Authentication Mechanism (SCRAM) with reasons mentioned in RFC6331
The hostname used for Authentication, e.g. mycomputer
The domain used for Authentication, e.g. domain.com
The FQDN used for Authentication, e.g. mail.domain.com
Action to take
You can automatically close the connection and optionally block the IP for clients that fail authentication
Off, Close Connection, Block IP
Maximum Invalid Auths
This is the maximum number of invalid authentication attempts allowed
1 - 64
Block IPs that try to authenticate if disabled
Automatically block clients temporarily if they try to authenticate and authentication is disabled