Protect third party
At least access to gpec and mailstore can be protected by dynamic screening, which is done via mdaemon users.
And mdaemon to integrate third-party programs has a thread in which it writes the script for integration and appears in menus in mdaemon.
Clearly they have to develop them and anyway it applies to users who have been in contact with the mail server.
Thank you for sharing your idea with us. This is already possible. Dynamic Screening includes a publicly available API, although I don’t believe it has been documented. If any software vendors would like to access MDaemon’s Dynamic Screening functionality they will need to contact us so that we can provide the documentation.
if you publish ports on the service firewall like Mailstore or Gpec there is nothing to protect from brute-force authentication attacks. the third parties do not develop firewalls inside their product, maybe they do not even have to do so their commitment should only be that if a user inside them has to access or not outside the company network. control through dynamic screening should be easy because these products can be added to the menu through a script that already exists and monitoring is just one more door for mdaemon and it is clear that the dynamic screening can only be verified on users of the third-party product parts that matches an mdaemon user