Hello,
I’m getting a load of attempts at logging in with non-existent accounts. Is there a way to automatically ban the IP address after a set number of non-existent account login attempts?
Thanks!
Ben.
If you know your way around Powershell and scripting Telnet commands,
You can use the script I made here, to get the IP and amount of attempts:
https://www.axigen.com/community/t/made-a-powershell-script-to-parse-smtp-receiving-log
Then you will need to get the IP added to the Axigen.cfg, either by manipulating the .cfg file itself and restarting the Service:
Server {
smtpIncoming = {
serviceAccessControl = {
denyRules = (
{
ipSet = 192.168.11.55-192.168.11.55
enable = yes
priority = 500
}
)
}
}
}
Or apply it via CLI commands:
user admin
<your password>
config server
config SMTP-INCOMING
CONFIG AccessControl
add denyrule 192.168.11.55-192.168.11.55 enable yes
back
commit
save config