2
How to know what's the user failing authentication?
Problem reported by Gabriele Maoret - SERSIS - 5/29/2020 at 6:17 AM
Submitted
I have this problem: A client of mine has 50 mail users connected via IMAP protocol. His IP is constantly blocked by the IDS IMAP rule because some of its users are using an incorrect LOGIN. How can I understand which user is trying to log in with the wrong credentials?
Gabriele Maoret - Head of SysAdmins at SERSIS
Currently manages 6 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 5 on-premise for customers who prefer to have their mail server in-house)

2 Replies

Reply to Thread
1
Sébastien Riccio Replied
We have the same issue. Sometimes users are locked out by the IDS and we can't find anything in the logs that would explain it, so for now we must whitelist the customer IP as a workaround, but it's not a long term solution.

We've opened a ticket about and got replied that better/dedicated logging will be added post 
"production" release. : 

Words from support:
- "I've received word we have a task submitted to add IDS logging added post-release, so I'm going to get your ticket associated with that task and see if we can get it added sooner than that. "

- " I've received word this issue has been prioritized with development and will be resolved in the near future as our post-MAPI development work. "

Crossing fingers.
Sébastien Riccio System & Network Admin https://swisscenter.com
0
Gabriele Maoret - SERSIS Replied
ok, I keep my finger crossed too...
Gabriele Maoret - Head of SysAdmins at SERSIS Currently manages 6 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 5 on-premise for customers who prefer to have their mail server in-house)

Reply to Thread