Hi,
Our server is getting hammered by smtp attempts and thanksfully Brute Force and CSF are blocking these OK.
However, the Brute Force history report shows that 95% of the smtp attempts are repeated hammering to valid email addresses for one specific domain, but we don't actually host the emails. Client manages them elsewhere, we only host the web site.
I have Brute Force "Duration for Retaining Failed Logins" set to 3600 minutes and currently have 13,000+ lines in the History Report.
Is there anyway of blocking these by domain, or by email address?
Ta.
Will.
Our server is getting hammered by smtp attempts and thanksfully Brute Force and CSF are blocking these OK.
However, the Brute Force history report shows that 95% of the smtp attempts are repeated hammering to valid email addresses for one specific domain, but we don't actually host the emails. Client manages them elsewhere, we only host the web site.
I have Brute Force "Duration for Retaining Failed Logins" set to 3600 minutes and currently have 13,000+ lines in the History Report.
Is there anyway of blocking these by domain, or by email address?
Ta.
Will.