Auto ban IP address for harvest attack
If there is an external harvest attack the IP address of the hacker should be added to the IP black list and the system admin notified by email.
Radim Dvořák commented
Yes, this is a must have. Kerio Operator has this functionality.
Markus Mohr commented
I support this - in case of harvest or other attacks, kerio should blacklist the IP and drop any connections they get from it, without allowing SMTP.
This might remove our Mailserver from some botnets maybe.... we get flooded very much meanwhile, dunno why. Same with our backup mail server. And everythings secured...
Matt Jones commented
Totally love this idea. The amount of these I see in my mail server log is extreme to say the least. It would be great to be able to ban them after a definable amount of time.
Dirk Poper commented
Unfortunately I don't have votes left. But instead of "allow access only from" I would like to have the option "deney access from"