Suggestion : Instant SMTP Block on Failed Authentication of No User
Idea shared by Curtis Kropar www.HawaiianHope.org - March 2, 2017 at 5:00 PM
Under Consideration
In our server logs I am seeing thousands of "Authentication failed"  But these are not for our users that are forgetting their passwords, these are people trying to log in with accounts that do not even exist, or accounts that did exist at one point, but have since been deleted. The same IP addresses are trying dozens of random user names to try to get one that works. They try one or 2, drop connection, then maybe several hours later try again, or try from a different IP address.  This tactic is bypassing our brute force filter - which I thought i set pretty aggressive at : 2 failures in 240 minutes, to ban for 3 months.
 
What I would like to see is.  If an IP address tries to authenticate with a user account that does not exist, It is immediately banned.

www.HawaiianHope.org - Providing technology services to non profit organizations, homeless shelters, clean and sober houses and prisoner reentry programs. in 2018, in just one year, we gave away 1,000 Free Computers !

3 Replies

Reply to Thread
0
Hear Hear
Kendra Support
http://www.kendra.com
support@kendra.com
425-397-7911
Junk Email filtered ISP
0
Bump.
Any feedback on this ? Was this ever implemented ?

www.HawaiianHope.org - Providing technology services to non profit organizations, homeless shelters, clean and sober houses and prisoner reentry programs. in 2018, in just one year, we gave away 1,000 Free Computers !

0
Ben Gilstrap Replied
Employee Post
Curtis,

This was also referenced in this thread:

It has been submitted as a feature request.
Ben Gilstrap
Regional Sales Executive
SmarterTools Inc.
(877) 357-6278
www.smartertools.com

Reply to Thread