The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Brute Force attacks trying to login to an email account

Discussion in 'E-mail Discussions' started by rebouy, Jun 20, 2011.

  1. rebouy

    rebouy Member

    Joined:
    Sep 1, 2010
    Messages:
    21
    Likes Received:
    0
    Trophy Points:
    1
    cphulk is detecting a massive attempt to access an email account (around 5 times per second, nonstop).
    The attack comes from IPs from neighbour countries, so we just cant block any range of IPs. They also use a roundrobin, with only 2 attacks per IP.

    The account is not in use anymore, but we cant just delete it (it still receives valid emails).

    Any idea what to do to stop this hammering?

    Regards,
    Martin R.
     
  2. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    If the account isn't in use anymore, why not delete the account and set a forward to another account. If the account doesn't exist, it can still receive forwards to an existing account. With the account no longer existing, it cannot be brute force attacked any longer then.
     
Loading...

Share This Page