4
Suggestion : Instant SMTP Block on Failed Authentication of No User
Idea shared by Curtis Kropar www.HawaiianHope.org - 3/2/2017 at 5:00 PM
Under Consideration
In our server logs I am seeing thousands of "Authentication failed"  But these are not for our users that are forgetting their passwords, these are people trying to log in with accounts that do not even exist, or accounts that did exist at one point, but have since been deleted. The same IP addresses are trying dozens of random user names to try to get one that works. They try one or 2, drop connection, then maybe several hours later try again, or try from a different IP address.  This tactic is bypassing our brute force filter - which I thought i set pretty aggressive at : 2 failures in 240 minutes, to ban for 3 months.
 
What I would like to see is.  If an IP address tries to authenticate with a user account that does not exist, It is immediately banned.

www.HawaiianHope.org - Providing technology services to non profit organizations, low income families, homeless shelters, clean and sober houses and prisoner reentry programs. Since 2015, We have refurbished over 11,000 Computers !

4 Replies

Reply to Thread
0
Hear Hear
Kendra Support http://www.kendra.com support@kendra.com 425-397-7911 Junk Email filtered ISP
0
Bump.
Any feedback on this ? Was this ever implemented ?
www.HawaiianHope.org - Providing technology services to non profit organizations, low income families, homeless shelters, clean and sober houses and prisoner reentry programs. Since 2015, We have refurbished over 11,000 Computers !
0
Employee Replied
Employee Post
Curtis,

This was also referenced in this thread:

It has been submitted as a feature request.
0

HI !

Was this ever implemented ?


www.HawaiianHope.org - Providing technology services to non profit organizations, low income families, homeless shelters, clean and sober houses and prisoner reentry programs. Since 2015, We have refurbished over 11,000 Computers !

Reply to Thread