Back to Community Threads
1
brute force and DOS attacks on SmarterMail server Build 8531
Question asked by Eric Bourland - 5/15/2023 at 10:22 AM
Unanswered
SmarterMail Build 8531

Hello, friends,

May I ask for your advice, please?
Beginning about a month ago, in April or so, my SmarterMail server has been attacked by Brute Force and Denial of Service attacks, coming from IPs in Iran, the Netherlands, Romania, and so on. My users are beginning to get worried, and I am not sure what to do.

Users sometimes are locked out of their own SmarterMail web mail, because the external attackers have bruteforced their usernames. Ugh! This has never happened in my many years of using SmarterMail.

I attach my current IDS Block settings; do they look OK to you?

Is there anything else you suggest to stop these attacks?

Thank you as always for your help.

Eric

5 Replies

Reply to Thread
1
This is mine. It works quite well.
1
Seph Parshall Replied
5/15/2023 at 11:20 AM
I have a pfSense firewall in front of my mail server that has country blocking turned on. I added a White List in case there are companies that any of my customers do business with. So as example, I block China but have made exceptions for a few servers there that email my customer.
1
Eric Bourland Replied
5/15/2023 at 11:37 AM
Brian, thank you for this helpful answer. I am considering my options. I really appreciate your time.

Eric
0
Eric Bourland Replied
5/15/2023 at 11:43 AM
Seph, thank you! I will check out the pfSense software. I really appreciate your time. Eric
1
Hi Seph

Its not good practice to run pfblockerNG in front of a mailserver. I get the idea to why but its high maintenance.
Consider using Snort/Suricata on the FW itself both on WAN and DMZ.
By doing so, you can block the ones that knock on the door (portscanning) and let the good guys through.
Back to Community Threads

Reply to Thread

Related Knowledge Base Articles

Force Webmail Traffic Over HTTPSSmarterMail > Server Configuration and Management
500 Error After Upgrading to the Latest BuildSmarterMail > Troubleshooting
Attaching SmarterMail 16.x and Older Domains to New BuildsSmarterMail > Domain/User Configuration and Management
SmarterMail and Network Address Translation (NAT)SmarterMail > Troubleshooting
SmarterTools Licensing InformationGeneral Topics