Back to Community Threads
2
Set IP on IDS on first falied login attempt
Question asked by Joe Helfenstein - 8/22/2019 at 2:21 AM
Answered
Hello

A password bruteforce is running on our mail server from a botnet.

Is it possible to configure an abuse detection rule to put an IP to the IDS after the first failed login try?
It's not possible to set the value "0" on "Failures Before Block".
With value "1" the IP will be adden on the second try.

Best Regards
Joe

3 Replies

Reply to Thread
0
Joe Helfenstein Replied
8/26/2019 at 6:04 AM
I would really appreciate an answer... 
0
Employee Replied
8/26/2019 at 8:36 AM
Employee Post Marked As Answer
Joe,

It currently isn't possible to set up the Failures Before Block value so that it blocks the IP after the first failure.  However, I've submitted this as a feature request for you.
0
Joe Helfenstein Replied
8/26/2019 at 10:59 PM
Hi Ben

Thank you very much for the information and feature request.

Best regards
Joe
Back to Community Threads

Reply to Thread

Related Knowledge Base Articles

Change the Login AttemptsSmarterStats > Installation and Configuration
554 Error - MTA Poor Reputation FixesSmarterMail > Troubleshooting
Configure SmarterMail as a Free Gateway ServerSmarterMail > Server Configuration and Management
Automatic SSL Certificates on a New SmarterMail ServerSmarterMail > Server Configuration and Management
Set Up a MAPI Account in Outlook 2016 and Above for WindowsSmarterMail > Desktop and Mobile Synchronization