Brute Force Abuse Detection blocking smartermail server
Question asked by eswanzey - December 13, 2016 at 3:59 PM
Answered
I have a single SmarterMail server that uses a couple of IP addresses for sending mail. It has some brute force abuse detection rules that keep blocking those same IP addresses. How can I prevent this from happening?

5 Replies

Reply to Thread
0
Hi,
What kind of blocking?
DOS, smtp, internal spammer or an other?
 
What does the log files say?
0
eswanzey Replied
Smartermail is on the same server as several websites. Smartermail uses 2 IP addresses, and the websites use their own set of IP addresses. The websites use Smartermail (via SMTP) to send out website messages such as registration emails, contact form inquiries, etc. I had setup the standard abuse detection rules using the wizard tool. In the Smartermail SMTP logs, there are entries of "IP blocked by brute force abuse detection rule." The problem is that along with the legitimate blocks, are blocks against the two IP addresses that Smartermail uses. The result is that the websites can no longer send messages through Smartermail because they can't connect because of the block.
1
I do use SM on some webservers for the same reason, but the websites allways connect on local IP with SM. SM sends with the public IP of the webserver.
Can't you just whitelist the IP numbers, they are just local
0
eswanzey Replied
Thanks for nudging me in the right direction Richard. I added some private IP's and now use those to communicate and send mail through SM, and added those private IP's to SM's whitelist. Problem solved.
0
great :)

Reply to Thread