2
SM 17 Beta: problem with IDS Blocks - Webmail
Problem reported by Gabriele Maoret - 11/22/2018 at 9:03 AM
Submitted
Since the latest 3 or 4 updates we started to have an issue with Webmail IDS Blocks.
Every so often, one or more WEBMAIL blocks appear and they remain for a long time (even days), blocking users who have not had any problems. 
Unfortunately, from the IDS BLOCKS - WEBMAIL screen you do not understand what the blocking is because there are no useful details.

8 Replies

0
Gabriele Maoret Replied
There's an example of the info that I see:

IP Address | Time Left | Country | Protocol | Type | Rule Description
alxxxxx@xxxx.it | 00 | N/A | Webmail | Login Brute Force by Email |
mxxxx@brexxxxxi.it | 30 | N/A | Webmail | Login Brute Force by Email |

0
Gabriele Maoret Replied
No info on that?

0
Gabriele Maoret Replied
I believe that in the latest releases of SM 17 the IDS BLOCKS system has a big BUG.

This keeps signaling me blocks in the WEBMAIL of various boxes (randomly ...) and after a while my clients who download mail with POP3 from those mailboxes are blocked.

After restarting the SmarterMail service, POP3 is unlocked and works for a while.

After a while (several hours), however, it starts to block mailboxes again (even completely different from the ones before) and again other customers are blocked in the POP3 protocol.

0
Employee Replied
Employee Post
What version of SmarterMail 17 are you running?  Also, do you have your administrative logs set to Detailed?  If so, can you provide those logs that cover the timeframe in which the accounts are being blocked?
0
Gabriele Maoret Replied
SmarterMail Enterprise
Version: 6898 (nov 20, 2018)



0
Gabriele Maoret Replied
This below is an example of today.

All the users of domain XXXXXX.IT were blocked and listed in WEBMAIL BLOCKS (in the log it appears that they failed the login from IP address 95.XXX.98.XXX).

They have Kerio Connect on premise in their office that downloads email via POP3.

After restarting "SmarterMail Service" the log reports successful logins for all the users from the same IP address (that is the IP address of their office).

The only operation that I made was restarting SmarterMail Service.


This issue is appearing randomly on all domains in SmarterMail.


***LOG DELETED FOR PRIVACY***
0
Gabriele Maoret Replied
Updated to the latest version today, the issue is not resolved.
0
Gabriele Maoret Replied
With the latest version 6913 this issue SEEMS to be resolved.

I would like to keep an eye on the system for a few more days, then I will let you know if everything is OK.