2019-09-20 - hschneider, Admin
Cookie Disclaimer: This forum uses only essential, anonymous session cookies (xmailforum*), nothing to be scared of.
| Printable Version of Topic
Click here to view this topic in its original format |
| XMail Forum > XMail Server > Blocking Ip After Smtp-maxerrors Reached |
| Posted by: guru meditation Oct 21 2009, 03:22 PM |
| I looked through the recent logfiles and see that, despite grey- and blacklisting (spamhaus) there are servers that try to send mails to dozens of non-existent email addresses. Even when the limit set in SMTP-MaxErrors (right now 4) is reached, they immediately reconnect and continue their stupid trial and error. Is there any way to blacklist these servers for some time, say 30 seconds and refuse further connections from these IP addresses? Can this be implemented in a way that XMail doesn't even accept connections? Because filters can only react when the connection is already established again. The problem for a script would be that it does not know whether XMail dropped the connection due to the maximum errors set in SMTP-MaxErrors. |
| Posted by: yartax Oct 19 2011, 08:47 AM |
| Hi This feature is in my interest too. every day I got thousands of connections trying to break emails accounts. My router often display many connections at a regular interval (says 30 tries per minute more or les) trying to break password. Is there any manner to block the incoming IP request to smtp/pop after many unsuccessful retries with wrong accound/password? Regards Julian |
| Posted by: Digdug Dec 14 2011, 06:29 PM |
| You could use a IDS firewall with Snort. It will also block POP3 brute force attempts. |