Logout

Alt-N Discussion Groups > MDaemon Discussion Groups > MDaemon Configuration > Check ip address against dns-bl on connect

 [F] Alt-N Discussion Groups  / MDaemon Discussion Groups  / MDaemon Configuration  /

Check ip address against dns-bl on connect

[Scott, Doug]
Doug Scott
Newbie
Newbie
Posts: 8
Doug Scott - 10:37am, Dec 27 2017

I am seeing more attempt of hacking recently, and wonder if there is a way to check the source ip address against dns-bl during authentication. To me, it makes sense to validate the source ip address before they manage to guess a users password. Also have noticed that 99% of these attempts are coming from ip addresses under the control of Asia Pacific Network Information Centre (APNIC). I have been manually adding ip addresses to the IP screening list daily, simply to stop the password guessing attempts.
Is there a way to do this automatically already?

  All MessagesOldest ItemsOlder ItemsNewer ItemsNewest Items

Arron Caruth (apparently) - Dec 29, 2017 11:47 am (#1 Total: 5)  

via email  

Photo of Author
Arron Caruth
Administrator
Administrator
Posts: 1736

If the attempts are all coming from a region that valid users shouldn’t be connecting from, you can use location screening.  It allows you to block authentication based on the country the connecting IP is from.

 

You can configure it in MDaemon 17.5 by going to Security / Security Settings / Screening / Location Screening.

 

-- 

Arron Caruth
Director of Product Development
Alt-N Technologies
http://www.altn.com
 

Sent using Alt-N's own MDaemon Messaging Server   
Now available with  BYOD Mobile Device Management, 
Document Sharing, Hijacked Account Detection and more.

Get to know the Alt-N family by liking us on Facebook!

 

 

From: md-configuration@altn.com [mailto:md-configuration@altn.com] On Behalf Of Doug Scott
Sent: Wednesday, December 27, 2017 9:38 AM
To: md-configuration List Member <md-configuration@altn.com>
Subject: [md-configuration] Check ip address against dns-bl on connect

 

I am seeing more attempt of hacking recently, and wonder if there is a way to check the source ip address against dns-bl during authentication. To me, it makes sense to validate the source ip address before they manage to guess a users password. Also have noticed that 99% of these attempts are coming from ip addresses under the control of Asia Pacific Network Information Centre (APNIC). I have been manually adding ip addresses to the IP screening list daily, simply to stop the password guessing attempts.
Is there a way to do this automatically already?


View/reply at Check ip address against dns-bl on connect

 
 
--MD-Configuration---------------------------------------------------
This list is for questions about the configuration of MDAEMON. To 
unsubscribe from this mailing list send an email to 
md-configuration-unsubscribe@altn.com .
--POWERED BY MDAEMON!------------------------------------------------
 
---------------------------------------------------------------------
These forums are provided by Alt-N Technologies for user-to-user 
support and discussion.  Alt-N staff members may participate in the 
forums periodically but please recognize that this is not the official
method of receiving technical support. To receive personal technical 
support please use the form here:
http://www.altn.com/Support/RequestSupport/
---------------------------------------------------------------------

--MD-Configuration---------------------------------------------------
This list is for questions about the configuration of MDAEMON. To
unsubscribe from this mailing list send an email to
md-configuration-unsubscribe@altn.com .
--POWERED BY MDAEMON!------------------------------------------------

---------------------------------------------------------------------
These forums are provided by Alt-N Technologies for user-to-user
support and discussion.  Alt-N staff members may participate in the
forums periodically but please recognize that this is not the official
method of receiving technical support. To receive personal technical
support please use the form here:
http://www.altn.com/Support/RequestSupport/
---------------------------------------------------------------------

Doug Scott - Jan 5, 2018 10:55 am (#2 Total: 5)  

 

Photo of Author
Doug Scott
Newbie
Newbie
Posts: 8
Unfortunately I have users that do a lot of travel and travel in the areas that most of this stuff comes from. Currently I am adding 5 to 10 ip addresses a day to the blacklist. This brings up another question, the contents of IPSCREEN.DAT appears to be sorted in the first 75% with the remaining 25% being unsorted. How does this listing get sorted, and can it be triggered to be sorted again? By sorting I mean it is currently sorted high to low ip address. It would be easier to handle if it were sorted.



  (newer msg:3)All MessagesOldest ItemsOlder ItemsNewer ItemsNewest Items



 Content:

Read New | Search

 Guest:

Email to Admin



You are visiting as a Guest user.