disabling or ending session doesn't work
Problem reported by Barbara Renowden - 6/20/2015 at 10:06 AM
When you look a the online users in Smarter Mail and you check to either end session or disable they still show up in the list.  For example there are two users for web showing up in the list as anonymous from China.  Showing they have been active for 10 to 12 minutes.  I am 100% positive they are hackers trying to get in.  I tried to end their session or disable them but they still show up in the list. 

Barbara Renowden President / Co-Founder Centric Web, Inc. https://www.centricweb.com

2 Replies

Reply to Thread
Bruce Barnes Replied
Disabling "anonymous" users has zero effect.  There is no one connected on those IP addresses by the time they are listed as "anonymous."
The better way to do this is via the ABUSE DETECTION settings, which can be found under:
  • Security
  • Advanced
  • Abuse Detection
Here are the settings we currently use for both our own SmarterMail servers, and for the SmarterMail servers we maintain on behalf of customers:
SmarterMail Abuse Detection Settings
SmarterMail Abuse Detection Settings
  • IP addresses which are trapped are not permanent. 
    • They will be removed whenever the SmarterMail service is restarted or the server on which SmarterMail is rebooted. 
    • I have already made a request that these trapped IPs be stored in a "floating" table so they are not lost in those circumstances.
  • 65,535 minutes is the largest number of minutes for which a trap can be configured. 
    • It would be nice if these traps were maintained between service restarts and server reboots
    • It would be nice if a longer trap period could be set
    • It would be nice if the option of a permanent trap was available.
- Bruce
Bruce Barnes ChicagoNetTech Inc brucecnt@comcast.net Phonr: (773) 491-9019 Phone: (224) 444-0169 E-Mail and DNS Security Specialist Network Security Specialist Customer Service Portal: https://portal.chicagonettech.com Website: https://www.ChicagoNetTech.com Security Blog: http://networkbastion.blogspot.com/ Web and E-Mail Hosting, E-Mail Security and Consulting
Barbara Renowden Replied
Bruce, thanks. I did already have pretty high settings but did do some tweaking based on the image above.
Barbara Renowden President / Co-Founder Centric Web, Inc. https://www.centricweb.com

Reply to Thread