In the "new" SmarterMail (v.8504) sometimes "Denial of Service (DoS)" (Default DoS rule) is triggered by Outlook MAPI users. This never happened with the old version of SmarterMail.
This appens if I have this rule active with the standard attributes (see this image):
This is an example of what I find in the "IDS Blocks" list:
Note that this happens in an ON PREMISE installation where both the server and the users are inside the corporate network and therefore each user has his own separate internal LAN IP, as you can see in this image:
I guess once a bunch of different users connect to a Cloud server from a LAN behind NAT with the same single public IP, this problem will only get worse...
This is really annoying because users complain that Outlook keeps logging out...
They notice because Outlook starts asking for username and password and doesn't stop until the blocked IP is deleted from the "IDS Blocks" list.
I had to raise the "Connection Before Block" parameter to make sure this doesn't happen too often, but since it NEVER happened before I wonder if this isn't a BUG of the new version of SmarterMail.
Furthermore I fear that with this parameter too high the protection against real DoS attacks becomes too light.