Back to Community Threads
2
IP blocked
Question asked by ram - 10/29/2019 at 7:17 AM
Answered
10/29/19 10:07 AM Rule Name -- 300 SMTP connections within 10 minutes (Denial of Service DOS) IP Address -- xxx.xx.xxx.xxx

What is means? How I can get more details as email address, PC name or is it virus?

2 Replies

Reply to Thread
0
ram Replied
10/29/2019 at 7:20 AM
More details from log section:

[2019.10.29] 08:06:20.508 [xxx.xx.xxx.xxx ][11417115] connected at 10/29/2019 8:06:20 AM
[2019.10.29] 08:06:20.508 [xxx.xx.xxx.xxx ][11417115] "421 Server is busy, try again later." response returned.
[2019.10.29] 08:06:20.508 [xxx.xx.xxx.xxx ][11417115] IP blocked by bad SMTP sessions (email harvesting) abuse detection rule
[2019.10.29] 08:06:20.508 [xxx.xx.xxx.xxx ][11417115] disconnected at 10/29/2019 8:06:20 AM
0
Kyle Kerst Replied
10/29/2019 at 9:50 AM
Employee Post Marked As Answer
Hello Ram, these log entries indicate an IP address or user was blocked by the Intrusion Detection System due to the number of connection attempts or bad password attempts. These rules are found/configured under Settings>Security>IDS Rules and you can unblock the IP by navigating to Manage>IDS Blocks from a system administrator account. 
Kyle Kerst IT Coordinator SmarterTools Inc. www.smartertools.com
Back to Community Threads

Reply to Thread

Related Knowledge Base Articles

Recommended SPAM SettingsSmarterMail > Antispam and Antivirus
Configure an Alternative Linux Web Server for SmarterMailSmarterMail > Server Configuration and Management
Cannot Send Email MessagesSmarterMail > Troubleshooting
Set up Autodiscover for SmarterMailSmarterMail > Installation and Configuration
Cannot Receive Mail MessagesSmarterMail > Troubleshooting