Abuse Detection for ActiveSync

It is becoming an increasing problem of users getting fired from their companies and they have an ActiveSync account on their phone relentlessly trying to login to our server. We would like to see a way to block these phones in the Abuse Detection settings.

They Call Me Matt Replied

9/30/2014 at 1:14 PM

Let me chime in on this one also. Failed EAS logins will show up as ASP.NET 4.0 errors in the Event Viewer Application log, and they pretty much fill it up. I have two users hitting this and there are hundreds of Events logged every day. This is totally undesirable and it must be fixed.

I'm not sure that this should be treated as Abuse, but rather just treat it like anything involving POP3, IMAP and SMTP. There's absolutely no reason why SmarterMail should be throwing ASP.NET errors on a failed EAS login. I see no harm in them just being logged in the standard SmarterMail logs when this happens.

Chris Le Replied

9/30/2014 at 1:22 PM

Yes that is exactly what is happening to us. I have had IIS crash a few times, not sure if its because of this.

They Call Me Matt Replied

9/30/2014 at 1:27 PM

My issue was fishing through this stuff to try to find the cause of crashes. It's very difficult with just 2 devices doing failed logins because you have to view the contents of each error to find if they are related to this EAS stuff, or something else, with +99% being this garbage. The fact that they are logged as Application Errors could signify an issue as they should be handled without making ASP.NET throw one. My guess is however probably not, but it's hard to find anything but these things in my Event Viewer.

3 Replies

Reply to Thread

Related Knowledge Base Articles

3 Replies

Reply to Thread

Tags

Related Knowledge Base Articles