Greetings, In trying to use pam tally to secure pam-aware services from brute force attempts, it worked well for all but one aspect. It seems like a client using our Squirrelmail setup creates an invalid imap login attempt every time they refresh a webpage. Has anyone else experienced this or have a clue why SM does this?