Webmail brute force lockout management
Question asked by Chris Cato - December 22, 2017 at 9:26 AM
Is there any way to manage the webmail login failure lockout?  I'm aware of the Login.BruteForceDetection.TriesBeforeBlock key in web.config but I'm hoping there are some more options to give us some flexibility in responding.  We have a fairly large client that is regularly locking their entire organization out of webmail when a user can't remember their password.  It would be helpful if we could lockout only the user's account or at least whitelist their IP.  
Additionally, is there a way to release the lockout without restarting the SmarterMail service?  
Chris Cato

Reply to Thread