How to know what's the user failing authentication?

I have this problem: A client of mine has 50 mail users connected via IMAP protocol. His IP is constantly blocked by the IDS IMAP rule because some of its users are using an incorrect LOGIN. How can I understand which user is trying to log in with the wrong credentials?

Gabriele Maoret - Head of SysAdmins at SERSIS

Currently manages 6 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 5 on-premise for customers who prefer to have their mail server in-house)

Sébastien Riccio Replied

5/29/2020 at 9:57 AM

We have the same issue. Sometimes users are locked out by the IDS and we can't find anything in the logs that would explain it, so for now we must whitelist the customer IP as a workaround, but it's not a long term solution.

We've opened a ticket about and got replied that better/dedicated logging will be added post

"production" release. :

Words from support:

- "I've received word we have a task submitted to add IDS logging added post-release, so I'm going to get your ticket associated with that task and see if we can get it added sooner than that. "

- " I've received word this issue has been prioritized with development and will be resolved in the near future as our post-MAPI development work. "

Crossing fingers.

Sébastien Riccio System & Network Admin https://swisscenter.com

Gabriele Maoret - SERSIS Replied

5/29/2020 at 2:34 PM

ok, I keep my finger crossed too...

Gabriele Maoret - Head of SysAdmins at SERSIS Currently manages 6 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 5 on-premise for customers who prefer to have their mail server in-house)

2 Replies

Reply to Thread

Related Knowledge Base Articles

2 Replies

Reply to Thread

Tags

Related Knowledge Base Articles