Someone trying to access account from differen IP's

Discussion forum for Enterprise Edition.
Post Reply
sindrehi
Posts: 99
Joined: Fri Apr 15, 2005 7:58 am

Someone trying to access account from differen IP's

Post by sindrehi » Mon Jan 21, 2019 9:41 am

Hi,

What to do. One of our customer is locked out from the account all the time. In IMAP log file I see attempt to log in with wrong password every 10 minute, but from different IP's all the time. (I've checked first 20 attempts this day and all was with diferent Ip's)
Abuse detection and Prevention is activated, but this system rely on the same IP used in the attach?
Our Password policy is set to lock user out after 3 failed login attempts. Then our customer is locked out for 60 minutes and can log in the next 30 minutes.

Any suggestions what to do here?

Best Regards

Sindre Hiåsen

MailEnable-Ian
Site Admin
Posts: 9038
Joined: Mon Mar 22, 2004 4:44 am
Location: Melbourne, Victoria, Australia

Re: Someone trying to access account from differen IP's

Post by MailEnable-Ian » Wed Jan 23, 2019 11:45 pm

Hi,

You will need to disable the lockout user option as this is not a recommended option to stop abuse. You should rely on the abuse detection and prevention option as this will ban the IP address and not lockup the user. Although you mentioned that all your users route through a proxy (common IP) address?
Regards,

Ian Margarone
MailEnable Support

sindrehi
Posts: 99
Joined: Fri Apr 15, 2005 7:58 am

Re: Someone trying to access account from differen IP's

Post by sindrehi » Thu Jan 24, 2019 8:06 am

Thanks for reply,

Its of course a option to remove option to lock out users when entering wrong password. But we dont want to do this.
I was looking into the "Enable country authentication restrictions" option in Auth Policies. Changed it to "Only connecions from the countries selected below can authenticate", and selected only a few countries.
From IP adresse location tool I see IP's used is from all over the world. So when checking this option I was thinking it might help the situation. But it did not.

Best Regards,

Sindre HIåsen

Post Reply