The new IP blocking feature, introduced a few versions ago, it a great tool and we have enabled it, with great success, on both our own installation as well as the SmarterMail servers of several clients. It does have one minor shortfall, and that is that the table exists only as long as the SmarterMail server is not rebooted.
If this could be incorporated into a fluid table, which is written out to a file that holds the block, based on the configuration of the blocking action, until the blocking time is expired, it would become an even better tool because the accumulated data would not simply disappear ever time it is necessary to reboot a server or perform maintenance on SmarterMail.
This is particularly true of those, albeit, unfortunate, ISPs who are more heavily bombarded with DDoS and Password Brute Force attacks. I have a couple of clients in Europe who's Password Brute Force tables can grow to several hundred entries over the course of 24 to 36 hours.
Here's what we've setup to block, and how long we're blocking - and it works really well!
Thanks in advance for considering this new feature.
Phone: (224) 444-0169
E-Mail and DNS Security Specialist
Network Security Specialist
Customer Service Portal: https://portal.chicagonettech.com
Security Blog: http://networkbastion.blogspot.com/
Web and E-Mail Hosting, E-Mail Security and Consulting