Brute-force protection for your SMTP server. Stop password-guessing attacks on SMTP.
RdpGuard
Intrusion prevention system for your Windows Server
Follow:
Like:
Share:

SMTP Brute-Force Protection.

If you are running SMTP on your Windows Server, you may notice that your SMTP logs contain thousands of lines like below:

"91.200.12.125" "SENT: 535 Authentication failed. Restarting authentication process."
"91.200.12.125" "RECEIVED: ***"
"91.200.12.125" "SENT: 535 Authentication failed. Restarting authentication process."
"91.200.12.125" "SENT: 220 mailserver.com ESMTP"
"91.200.12.125" "RECEIVED: EHLO User"
"91.200.12.125" "SENT: 250-mailserver.com[nl]250-SIZE 20480000[nl]250-AUTH LOGIN PLAIN[nl]250 HELP"
"91.200.12.125" "RECEIVED: AUTH LOGIN"
"91.200.12.125" "SENT: 334 VXNlcm5hbWU6"
"91.200.12.125" "RECEIVED: aW52ZW50b3J5"
"91.200.12.125" "SENT: 334 UGFzc3dvcmQ6"
"91.200.12.125" "RECEIVED: ***"
"91.200.12.125" "SENT: 535 Authentication failed."
"91.200.12.118" "SENT: 220 mailserver.com ESMTP"
"91.200.12.118" "SENT: 220 mailserver.com ESMTP"
"91.200.12.118" "RECEIVED: EHLO User"
"91.200.12.118" "SENT: 250-mailserver.com[nl]250-SIZE 20480000[nl]250-AUTH LOGIN PLAIN[nl]250 HELP"
"91.200.12.118" "RECEIVED: EHLO User"
"91.200.12.118" "SENT: 250-mailserver.com[nl]250-SIZE 20480000[nl]250-AUTH LOGIN PLAIN[nl]250 HELP"
"91.200.12.118" "RECEIVED: AUTH LOGIN"
"91.200.12.118" "SENT: 334 VXNlcm5hbWU6"
"91.200.12.118" "RECEIVED: AUTH LOGIN"
"91.200.12.118" "SENT: 334 VXNlcm5hbWU6"
"91.200.12.118" "RECEIVED: bGVnZW5k"
"91.200.12.118" "SENT: 334 UGFzc3dvcmQ6"
"91.200.12.118" "RECEIVED: bGVnZW5k"
"91.200.12.118" "SENT: 334 UGFzc3dvcmQ6"
"91.200.12.118" "RECEIVED: ***"
"91.200.12.118" "SENT: 535 Authentication failed. Restarting authentication process."
"91.200.12.118" "RECEIVED: ***"
"91.200.12.118" "SENT: 535 Authentication failed. Restarting authentication process."

These failed authentication attempts are brute-force attack on your SMTP server. We hope your SMTP passwords are strong, otherwise spammers may succeed and SPAM may go through your server causing it to get blacklisted.

Needless to say, these attacks abuse your server resources - bandwidth, CPU, memory and free disk space (SMTP logs may grow enormously).

RdpGuard allows you to protect your SMTP server from brute-force attacks.

RdpGuard works with any SMTP Server software.

It monitors SMTP port on your server and detects failed login attempts. If the number of failed login attempts from a single IP address reaches a set limit (three by default), the attacker's IP address will be blocked.

For Windows XP, Vista, 7, 8, 8.1, 10 and Windows Server 2003 (R2), 2008 (R2), 2012 (R2), 2016

See Also

How to enable and configure SMTP Brute-Force Protection

RdpGuard 4.2.5 Free Trial

RdpGuard protects:

Social Connection
RdpGuard Logo
 
People like RdpGuard!
Our Other Products
FastGlacier
Windows Client for Amazon Glacier - new low-cost storage for data archiving and backup.
Copyright © 2012-2017 NetSDK Software, LLC. All rights reserved.  Terms of Use.  Privacy Policy.