Mailing List CGatePro@mail.stalker.com Message #92587
From: Dave Pooser <dave-stalker@pooserville.com>
Subject: Re: Speaking of CGP and Spam....
Date: Wed, 12 Sep 2007 09:24:29 -0500
To: CommuniGate Pro Discussions <CGatePro@mail.stalker.com>
> Turns out that in Settings -> Obscure -> Login Security, we were
> suspending account who had 15 failed logins within one minute, so the
> attacker was trying different passwords for this account and it was
> locked.  I found his IP and I locked him in the firewall.

One of the advantages of running a corporate mail server is I know where my
users are and where they're not likely to be. So years ago I blocked all of
APNIC space and most of eastern Europe at the POP and IMAP listeners. If I
have a user traveling to Asia or Australia I'll unblock them (or give them
an alternate port) but it stopped the attacks coming from China and Korea
and Ukraine and Russia and....

(Yes, I could block even more attacks if I blocked US IP space, but my guys
actually spend time here. Not so other continents, usually.)
--
Dave Pooser
Cat-Herder-in-Chief, Pooserville.com
"...Life is not a journey to the grave with the intention of arriving
safely in one pretty and well-preserved piece, but to slide across the
finish line broadside, thoroughly used up, worn out, leaking oil, and
shouting GERONIMO!!!" -- Bill McKenna


Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster