Protect an email account

keat63

• May 27, 2016 02:22

I have an email account that appears to under some sort of brute force. I have CSF configured quite strictly at 3 failed login attempts and the IP is blocked. I'd like to somehow restrict this email account to being able to login only from my static IP. or configure in CSF/CPHULK that even a single login failure for this particular account blocks the IP. This user is office based, and has no ability to access email outside of our static IP. He uses an email client which is preconfigured, my static IP is whileslisted, so the likelyhood of him legitimately getting blocked is probably nil. Is this possible ?

• 

  keat63

  • May 27, 2016 10:05

  I've since enabled smtpauth_resrict in CSF and added a small number of country codes to cc_allow_smtpauth. This may suffice, I'll monitor for a few days.

  0
• 

  cPanelMichael

  • June 02, 2016 16:28

  I've since enabled smtpauth_resrict in CSF and added a small number of country codes to cc_allow_smtpauth. This may suffice, I'll monitor for a few days.

  
  Hello, No native features exist in cPanel/WHM that allow you to restrict traffic for specific email accounts. However, I'm happy to see you were able to find a potential solution. Feel free to update this thread with the outcome. Thanks!

  0
• 

  keat63

  • June 03, 2016 07:26

  Over the last few days, I have seen a remarked drop in number of attempted smtp logins. I added only 2 country codes to cc_allow_smtp, I am however still seeing occasional login attempts from countries outside of these two zones. I'm not sure at this stage whether this is CSF being fussy over country codes, or if it's just coincidence that the hackers went away for a while.

  0

Please sign in to leave a comment.