Brute Force attacks trying to login to an email account

rebouy

Member
PartnerNOC
Sep 1, 2010
21
0
51
cphulk is detecting a massive attempt to access an email account (around 5 times per second, nonstop).
The attack comes from IPs from neighbour countries, so we just cant block any range of IPs. They also use a roundrobin, with only 2 attacks per IP.

The account is not in use anymore, but we cant just delete it (it still receives valid emails).

Any idea what to do to stop this hammering?

Regards,
Martin R.
 

cPanelTristan

Quality Assurance Analyst
Staff member
Oct 2, 2010
7,607
40
248
somewhere over the rainbow
cPanel Access Level
Root Administrator
If the account isn't in use anymore, why not delete the account and set a forward to another account. If the account doesn't exist, it can still receive forwards to an existing account. With the account no longer existing, it cannot be brute force attacked any longer then.