guessing passwords - BIG PROBLEM
1. For SMTP login should be a option to disabled. Today, the active sysnc protocol is still used…
2. Active sync devices should only be added with administrator only
3. The Kerio web client should use two factor authentication
Security log example:
27/Nov/2018 05:34:35] Failed SMTP login from 18.104.22.168 with SASL method PLAIN.
[27/Nov/2018 08:12:59] HTTP/ActiveSync: Authentication failed for user firstname.lastname@example.org. Attempt from IP address 22.214.171.124 External authentication service rejected authentication due to invalid password or authentication restriction.