1
We are under attack from China!
Problem reported by Montague WebWorks - Yesterday at 7:14 AM
Submitted
These are all now blocked, with the /255 switch. That said, I would love a feature where any "brute force" etc rules auto-block based on country. I mean, I have no clients in China, or Russia, or Turkey, etc. If there is a hacking attempt in any of those rogue countries, I would like to just send them to the permanent block list.
Mik MullerMontague WebWorks

3 Replies

Reply to Thread
2
J. LaDow Replied
We block Authentication by Country ( Manage -> Settings -> General ) -- set to block all countries except where your clients would login from. For ours, we block everything except our US and a couple EU countries.  

That at least prevents any "leaked passwords" from eventually getting used and an account being spammed from (or worse).

In the case of your situation - sometimes you can block more than just the /24 -- like this IP from your list above:

Blocking the /14 would get you 260k blocked IPs instead of 255


We utilize a 3rd party application that allows us to block entire ASNs at our edge - and that makes a world of difference - plus as their IP ranges change, our rules update.
MailEnable survivor / convert --
0
Patrick Jeski Replied
Does blocking authentication by country block webmail logins as well?
0
J. LaDow Replied
As far as we can tell --
MailEnable survivor / convert --

Reply to Thread

Enter the verification text