This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Auto ban/block IP addresses that attempt SMTP auth

I have UTM as a spam/virus filter in front of my email server.

Inbound SMTP (port 25) is only ever going to be "anonymous" SMTP delivering to my email server, or relaying from static IP addresses.

I frequently see authentication fails along the lines of 

server_login authenticator failed for (USER) [145.249.107.135]:37894: 535 Incorrect authentication data (set_id=username@domain.com)

As I do not allow authenticated SMTP inbound, is there a method of auto banning or blocking IP addreses that attempt to authenticate on SMTP ?



This thread was automatically locked due to age.
Parents Reply
  • "Automaticly"

    Using the same number of attempts in the same time period that I want to use for the user portal, which needs to cope with users that change their AD password, and then attempt to logon with their browser stored credentials...

    as I originally said " auto banning or blocking IP addreses that attempt to authenticate"

Children
No Data