4
New "whitelist" column, IDS
Idea shared by Brian Ellwood - June 18, 2015 at 8:33 AM
Proposed
A new employee was setting up their Outlook and had their password wrong and as a result of repeated attempts the entire office was blocked by IDS
 
I don't want to whitelist my office's IP in the traditional sense to bypass relay restrictions, etc, I just want it to be bypassed for IDS rules (or for specific rules)
 
Maybe theres a better way?
 
 

1 Reply

Reply to Thread
0
Robert Emmett Replied
June 18, 2015 at 1:17 PM
Employee Post
Brian, whitelisting your office IP is really the only way to prevent the brute force rule enforcement.  Is there a reason you don't want to whitelist your office IP?  Also, what settings for the brute force detection rule are you currently using?
 
One improvement we could possibly implement in SM, is to keep a list of attempted passwords and increment a counter of each unique password.  Most mail clients and their users would likely use the same password repeatedly instead of radically changing up the password attempts like "real" brute force attackers.  After XX many unique failed attempts (or YY many attempts with the same password?), the user's IP would be blocked.
Robert Emmett
Software Developer
SmarterTools Inc.
(877) 357-6278
www.smartertools.com

Reply to Thread