Back to Community Threads
1
IDS Rules for Email Brute Force / Version 8580
Question asked by Schroeder Robert - 7/7/2023 at 9:56 PM
Answered
Hi all
Since a week I wake up and one of my accounts is blocked due to the IDS Rules for Email Brute Force. The only thing I changed on the rule is that I have put the blocking to 5000 days. May be it is ok but I want not to block the email but the IP who break the rule.
How dou you handle such fails with email ?
By the way It would be nice to have a build in filter which can block login attemps from non authorized countries. Example if IP is from Vietnam, this is real impossible as my users are all in EU. 
Best regards

1 Reply

Reply to Thread
0
Andrew Barker Replied
7/10/2023 at 7:12 AM
Employee Post Marked As Answer
If you want to block by IP instead of by email address, you'll want to create a Password Brute Force by IP rule. Brute Force by Email rules look for multiple failed attempts to log into a specific account and lock the targeted account, while Brute Force by IP rules look for multiple failed attempts coming from the same IP address and block that IP.

As for blocking authentication from a specific country, that capability is available in the current version of SmarterMail. As a domain or system administrator, go to a domain's General settings page. There is a card labeled Block Authentication by Country. You can adjust the settings there to either allow or block authentication from specific countries.
Andrew Barker Software Developer SmarterTools Inc. www.smartertools.com
Back to Community Threads

Reply to Thread

Related Knowledge Base Articles

Spam and Security Checks for IPv6 SystemsSmarterMail > Antispam and Antivirus
Set up Autodiscover for SmarterMailSmarterMail > Installation and Configuration
Force Webmail Traffic Over HTTPSSmarterMail > Server Configuration and Management
Unexpected Sync Behavior with Outlook and IMAPSmarterMail > Troubleshooting
Configure SmarterMail as a Free Gateway ServerSmarterMail > Server Configuration and Management