IMAP Brute-Force Protection
IMAP Protection Overview RdpGuard effectively protects your IMAP server from brute-force attacks. It monitors IMAP port(s) or logs on your server and blocks attacker's IP addresses when the number of failed authentication attempts from the single IP address reaches a set limit. Check the instructions below to learn how to enable and configure IMAP protection.
To Enable and Configure IMAP Protection Start RdpGuard Dashboard and click on the link next to IMAP 
IMAP Protection Link in RdpGuard Dashboard IMAP Settings dialog will open: 
IMAP Detection Engine Settings Monitoring method for IMAP protocol The following monitoring methods are supported for IMAP protocol: - Traffic based monitoring
- Log based monitoring
Traffic based monitoring works with any IMAP servers, SSL/TLS connections are not supported. Log based monitoring works with particular IMAP server's logs. SSL/TLS connections are supported. Traffic based monitoring The following traffic based monitoring methods are supported - Raw Sockets - Does not work on Windows Server 2008 or with firewalls.
- WinPcap - Works on all Windows Editions, WinPcap must be installed.
IMAP port You may specify multiple comma-separated ports for IMAP traffic monitoring. Log based monitoring 
Log based IMAP Monitoring Server type The following IMAP servers are supported for now: - MailEnable
- Kerio Connect
- hMailServer
- MS-Exchange
Log files directory Specify log files directory used by selected IMAP server.
| 
