This has gone very quiet after I answered the initial query. Meanwhile my server is still being interrogated for valid mailbox addresses using multiple repeated RCPT commands. Those addresses are then being dictionary-attacked for authentication, and the real user getting locked out (I've had to tur...

...sorry for repeat comments - more info... I notice that the bot is also attempting domains which are not hosted on the server and these attract a 503 no relay without authentication allowed error. Any type of invalid RCPT tried repeatedly during the same conversation really should trigger abuse de...

...and they are trying a dictionary attack on the mailbox name for valid domains hosted on the server. So not relaying - the error is "mailbox unavailable or not local". Here's a complete log line with the valid domain changed to foo.com: -- 08/29/23 00:44:48 SMTP-IN E33A6E7BFAE044CFBA493E92EDEBB8E0...

The server is returning a 550 which should count...

I have Security settings for SMTP service set so that just 5 bad commands should drop the connection. But my server is being attached by a dictionary attack to discover valid addresses, with multiple RCPT TO commands being tried until one works. And the connection is not being dropped as it ought to...

FAO MailEnable Please can you ensure that announcements – for instance new versions - are properly published on your website and via the software Management Console. Latest announcement I can see (in the Pro product) is about 10.42. We found out about 10.43 accidentally! :-( This is also by way of a...

This is a few years old, and it is clearly a bug which still prevails in 10.38 Is the clear up rate for these things really so poor? Why? I came on here to see if there was any chance of admin web access to the quarantine folder, but if even this kind of simple thing doesn’t get fixed, then requests...