Back to Community Threads
3
Need to whitelist ip for webmail
Problem reported by Brad Underwood - 1/15/2018 at 10:55 AM
Resolved
I understand why web login have Brute Force Detection, but I need to be able to whitelist a large site ip address with 50+ users. If one of the users causes a lockout the entire site gets blocked form accessing there webmail. Is there a way to do this?

5 Replies

Reply to Thread
2
Employee Replied
1/15/2018 at 12:50 PM
Employee Post Marked As Resolution
Hi Brad.  Our latest SmarterMail 16 has a new setting for webmail brute force.  You'll want to update to our latest release from 1/11/18, and then you can follow these steps.
 
  1. Log into SmarterMail as the Sys Admin and go to Settings >> General.  Make any kind of change here so that the Save button becomes enabled.  Clicking Save will create new configuration settings.
  2. Stop the SmarterMail service.
  3. Edit the following file:  C:\Program Files (x86)\SmarterTools\SmarterMail\Service\mailConfig.xml
  4. Search for:  <BruteForceSettings>
  5. Here, you can disable webmail brute force detection, or increase the failed attempts before a block is activated
  6. Save and close file.
  7. Restart the SmarterMail service.
0
WebControl GmbH Replied
3/20/2018 at 4:11 AM
Will that be possible in one of the minor updates from SM16 to setup within the webinterface?
The way you described is a no go for a production environment to make a "small" change within business hours!
2
Falk Brockerhoff Replied
6/11/2018 at 2:57 AM
It seems like SmarterTools isn't willing to implement a possibility in SM 16
 
-  to change brute force settings without restarting the service 
and
- to make a whitelist for the brute force prevention. 
 
I'm wondering why this thread is marked as solved...
 
Anyway, we have the same problem as Brad Underwood. One bigger customers of us (~ 75 Users) faces the fact that his entire business is disrupted, just because one user is entering a wrong password too many times. Like many bigger companys this customer have a dedicated IP address. So it would be no problem to whitelist his IP.
 
For me as a users it's pretty hard to understand, why the existing whitelist for DoS and Email Harvesting cannot be enhanced for the Brute Force protection. I think a enterprise software which is "The ultimate Microsoft Exchange alternative" should considering a scenario where many people are working behind only one IP address. 
0
Richard Frank Replied
6/12/2018 at 3:37 AM
When a lot of address / accounts are actively used from the same IP address and someone locks his account only that account should be locked. Not the IP address.
With a kind of reputation system for IP numbers Smartermail would be able to learn if this is realy a attempt to hack from outside or just a user who forgot it's pass.
In the first case, the IP should be blocked according the brute force settings. The IP has 0 reputation, never succesfully logged on.
In the second case, the IP has a good reputation, multiple successful log ons per day, only the user should be locked out.. Warning your account has been disabled, get your cardboard box with the manager ;)
0
Kyle Kerst Replied
11/4/2018 at 7:41 PM
Just for clarification, is the setting needing to be changed the <LoginIsEnabled> parameter under <BruteforceSettings>? This has become a huge issue for one of my clients recently as someone has taken a keen interest in their inboxes. 
Kyle Kerst Cameron Solutions LLC www.cameron-solutions.com
Back to Community Threads

Reply to Thread

Related Knowledge Base Articles

Configure SmarterMail as a Free Gateway ServerSmarterMail > Server Configuration and Management
Force Webmail Traffic Over HTTPSSmarterMail > Server Configuration and Management
Recommended SPAM SettingsSmarterMail > Antispam and Antivirus
Change the Login AttemptsSmarterStats > Installation and Configuration
Set up Autodiscover for SmarterMailSmarterMail > Installation and Configuration