ConfigServer Community Forum

Hi, bit new to using ConfigServer and wondered how I can change the sensitivity of the IMAP filters to allow for more failed IMAP login attempts or change the time period.

We are getting quite a few genuine logs attempts but they are failing after 10 attempts.

Is there some setting that after a certain time period can automatically "Unblock" the failed IP address trying to login to IMAP.
So the system blocks them for say 15 minutes, then they can try again??

-------------------------------------------------------------------------------------------------------------------------

csf.deny: nnn.nnn.nnn.nnn # lfd: (imapd) Failed IMAP login from nnn.nnn.nnn.nnn (GB/United Kingdom/host109-154-15-108.range109-154.btcentralplus.com): 10 in the last 3600 secs - Sun Dec 1 16:58:13 2024

If you trust that IP, you can add it to the whitelist and it will not be blocked.

Or you can create your own bash script to run every 15 minutes to unblock IPs on your own white list.

I don't recommend to unblock any IP every 15 minutes or hackers will not be blocked and your email will be attacked very often.

One word of caution, never write your server's IP on a public forum or any one will know what server to check or attack:
you wrote:

host...-...-..-....range...-....btcentralplus.com

and now I see:
https://talosintelligence.com/reputatio ... ch=109.154....
by the way that CIDR reputation is not good.

Sergio