Intercepting SMTP Auth Failed

Use this forum to post questions relating to WinGate, feature requests, technical or configuration problems

Moderator: Qbik Staff

Intercepting SMTP Auth Failed

Postby lupacexi » Aug 05 17 5:01 am

Hi

I would like to blacklist the IPs failing to authenticate too often. How can I do that ?

Is there a way to intercept "SMTP AUTH failed" with SMTP Policies ?

Thanks for answer

Best regards
lupacexi
 
Posts: 2
Joined: Aug 05 17 4:58 am

Re: Intercepting SMTP Auth Failed

Postby adrien » Aug 08 17 12:06 pm

Hi

Any auth failure pushes an event, which you can attach policy to.

One of the bits of information in the event is the name of the service the client was trying to authenticate to.

So you can set up policy to deal with what happens when someone fails auth to SMTP (e.g. add their IP to a black list or similar etc.).

The AuthFailed event requires an Enterprise license.

Regards

Adrien de Croy
adrien
Qbik Staff
 
Posts: 5177
Joined: Sep 03 03 2:54 pm
Location: Auckland


Return to WinGate

Who is online

Users browsing this forum: Bing [Bot] and 4 guests

cron