First and foremost, CSF is working as it should. Thanks for a great product!
The problem is that I have many clients getting their IP blocked from failed logins to SMTP. Oddly, it only effects Outlook/Office365.
Full disclosure this is due to the client having bad credentials set in their Outlook client. This is NOT any problem with CSF.
The firewall is correctly blocking these bad logins. As it should.
My question is: why does the IP get blocked if the same login credentials are used over and over?
I understand if someone was brute forcing with different credentials.
Is there any way to just ignore multiple failed logins that use the same IP/user/pass?
I have way to many clients to successfully whitelist all potential IP addresses.
CSF SMTP AUTH Blocking Issue
Re: CSF SMTP AUTH Blocking Issue
I think I found the answer to my own question.
CSF cannot see the login details. Only the login failures. So it cannot actually check for multiple failed logins that use the same IP/user/pass.
Oh well.
CSF cannot see the login details. Only the login failures. So it cannot actually check for multiple failed logins that use the same IP/user/pass.
Oh well.