Knowledgebase

Mail Server Security

The Mail Security contains the following System Administrator resources:

Abuse Detection rules

Through the use of Abuse Detection rules, SmarterMail includes several methods for preventing abuse and denial of service (DoS) attacks on your mail server. For example, rules can be configured to monitor a variety of activity on the mail server, including the number of connections coming from a single IP address, the number of messages sent within a specific timeframe, the number of login attempts and more. These rules allow SmarterMail to alert System Administrators of suspicious behavior or take action to prevent the attack.

We activated the following rules:


Denial of Service (DOS) - monitored for this type of attack: SMTP, IMAP, POP

Too many connections from a single IP address can indicate a Denial of Service (DOS) attack. Enable this option to block IPs that are connecting too often to the server.

50 number of connections for 5 minutes will block the IP for 5 minutes

Bad SMTP Sessions (Harvesting)

A bad session is any connection that ends without successfully sending a message. Many bad sessions usually indicate spamming or email harvesting.

20 bed sessions for 5 minutes period of time will block the IP for 5 minutes
 

Password Brute Force by Protocol - monitored for this type of attack: SMTP, IMAP, POP

A common ploy by spammers and hackers is attempting to guess passwords for users. Many times this entails continual log in attempts to an account using different passwords, each a bit different than the one before it. This thereby brute forcing the password.

50 number of connections for 10 minutes will block the IP for 30 minutes

Blacklists

System administrators are able to control the IP addresses that are blacklisted or whitelisted from accessing mail services. Blacklisting an IP address prevents it from making incoming connections, while whitelisting an IP address adds the IP as a trusted source, allowing connections to bypass relay restrictions that may be imposed.

 

Was this answer helpful?

 Print this Article

Also Read

Email missing, slow or not arived

If your emails have not arrived, its likely due to one of our advanced antispam services.   The...

How to login to webmail?

If your domain hosted with us for example is somesite.co.uk then please type in your browser...

Alternative SMTP port?

If your ISP have blocked port 25 you can use port 8889 to connect to our SMTP servers

Mail server addresses and port numbers

SMTP server address - mail.yourdomainhere.com, port 25, you can use port 8889 if your ISP blocked...

How to configure Exchange ActiveSync for WIndows Phone

Follow these steps to connect your Windows Phone 7 device to SmarterMail via Exchange ActiveSync:...