Recommended IDS Rules for SmarterMail 16.x
Question asked by ram - July 4, 2017 at 4:49 PM
Somebody can recommend IDS rules for new SmarterMail 16.x to protect the server and email accounts?

1 Reply

Reply to Thread
Ronald Raley Replied
This is a good thread as there isn't much guidance on IDS blocks.  Here is what we are doing with 8,000 users:
Password Brute Force (All Services)
50 failures in 10 minutes and we kill for 30 days
Bad SMTP Sessions (SMTP)
100 bad sessions in 10 minutes and we kill for 30 days
Denial of Service (All Services)
1000 connections in 10 minutes and we kill for 24 hours
Internal Spammer
1000 messages in 10 minutes and we notify ourselves only
Any suggestions for improvement?  Too strong or too lenient?  We have been running this for one year and never had a user complain that they were locked out.  Feedback is always appreciated.

Reply to Thread