What are the best ways to block IMAP brute force attacks?
Question asked by Karl Jones - 10/22/2021 at 7:46 PM
Ok, i stopped almost all of the current SMTP attacks that one of my clients seems to be the focus of but now they added IMAP brute force attacks. I have moved the number of failed attempts to a low number and the IDS list is exploding but i don't see any other way of blocking IMAP attacks.... Anyone have suggestions.?

2 Replies

Reply to Thread
Martin Schaible Replied
I do it the same way. The IDS is always under heavy load, but i'm happy to have it.
I have set the number of failed logins to 4 in 5 Minutes.

Karl Jones Replied
Thanks Martin, i had to increase the failed AD logon attempts slightly too as users were being locked out almost as soon as their account unlocked.

Reply to Thread