I'm running smartermail enterprise 15.7.  I can't go newer due to server limitations.

I have an SMTP password brute force by protocol rule set for 10 attempts in 5 minutes.  I have a customer who's computer is set to check email once  every 10 minutes.  Their password is correct.  However, their IP keeps getting blocked due to smartermail thinking there is an attack.  I do not understand how this rule could ever get tripped by the user.

Any ideas?