Where are the settings for IDS blocks for Webmail?
Question asked by pjeski - January 10 at 9:44 AM
Answered
Bruce asked this about SM15, and it went unanswered. 

I did find this thread about SM16:

I've searched this forum for "Webmail IDS", and I've searched the online help and I can't find anything.

Where are the settings for IDS blocks for Webmail? Are we still supposed to manually edit mailConfig.xml?

4 Replies

Reply to Thread
1
Matt Petty Replied
Employee Post
Hello,

Log in as a System Administrator, go to the gear at the top 3rd from left, then Security on the left side. The first tab is for IDS Blocks.

Oh my bad, I missed on your comment mentioning SM16. SmarterMail 16 does not allow configuration of this value via the web interface. I believe these values are adjusted at the root of your IIS site for SmarterMail, web.config should have these values.

SmarterMail 17 does allow configuration of the webmail IDS blocks.
Matt Petty
Software Developer
SmarterTools Inc.
(877) 357-6278
www.smartertools.com
0
pjeski Replied
Matt,

Thanks for the response.  I am running 17.


Of this list from the first tab for IDS blocks:
Bad SMTP Sessions (Harvesting)     SMTP          Harvesting - SMTP
Denial of Service (DOS)     IMAP          DOS - IMAP
Denial of Service (DOS)     POP          DOS - POP
Denial of Service (DOS)     SMTP          DOS - SMTP
Denial of Service (DOS)     XMPP          DOS - XMPP
Internal Spammer     Notify          N/A     Internal Spammer
Login Brute Force by IP     Block          
Password Brute Force by Protocol     IMAP          Brute Force - IMAP
Password Brute Force by Protocol     LDAP          Brute Force - LDAP
Password Brute Force by Protocol     POP          Brute Force - POP
Password Brute Force by Protocol     SMTP          Brute Force - SMTP
Password Brute Force by Protocol     XMPP          Brute Force - XMPP
Login Brute Force by Email     Block          
Password Retrieval Brute Force     Block          

Which are the webmail blocks?

Or if I try to create a new one:
Which of SMTP, IMAP, POP, LDAP or XMPP would I choose for webmail?
2
Matt Petty Replied
Employee Post Marked As Answer
Login Brute force is the block you would use for webmail logins. I think we could maybe label that better, maybe like "Webmail Login Brute Force". I'll pass the idea to the team.
Matt Petty
Software Developer
SmarterTools Inc.
(877) 357-6278
www.smartertools.com
3
Matt Petty Replied
Employee Post
We are going to be calling it "Webmail Brute Force By IP", "Webmail Brute Force by Email". Hopefully this is less confusing. You'll see that change in the next update.
Matt Petty
Software Developer
SmarterTools Inc.
(877) 357-6278
www.smartertools.com

Reply to Thread