We use MXRouter to do our spam filtering and take countermeasure against numerous types of hacking and abuse. MXRouter tails SmarterMail's log files to detect unauthorized login attempts among other abuses. In turn, it will blacklist a failed login via SmarterMail's web service.
The problem is when MXRouter SMTP blacklists an IP address via web services, it can take a long time before SmarterMail actually blocks the IP address, affording the perpetrator numerous more attempts as can be seen in the screenshot below. The "**** Added IP address..." message is generated after MXRouter confirms that the IP address was successfully added to SmarterMail's blacklist. Manual inspection confirms it was added too.
Not being able to stop a hacking attempt quickly seems a security vulnerability, particularly if there is a coordinated bot attack where literally thousands of login attempts will be accepted despite the IP addresses were blacklisted on the first detected attempt.
Is there any setting in SmarterMail that will make it more responsive to an IP address being blacklisted?