How to Enable and Configure SMTP Brute-Force Protection. SMTP Server Protection.
RdpGuard
Intrusion prevention system for your Windows Server
 
Follow:
Share:

SMTP Brute-Force Protection


Protection Overview

RdpGuard helps you protect your SMTP server from brute-force attacks by monitoring the SMTP port or logs for failed authentication attempts. When the number of failed attempts reaches the set limit, RdpGuard blocks the attacker's IP address. Check out the instructions below to learn how to enable and configure SMTP brute-force protection.


To Enable and Configure SMTP Protection

Start RdpGuard Dashboard and click on the link next to SMTP

smtp protection link

SMTP Protection Link in RdpGuard Dashboard

The SMTP Settings dialog will open:

smtp detection engine settings

SMTP Detection Engine Settings

Monitoring method for SMTP protocol

The following monitoring methods are supported for SMTP protocol:

Log based monitoring

The default option recommended for SMTP monitoring is through Logs. This method involves monitoring SMTP server logs and is more efficient in terms of resource usage compared to monitoring network traffic. Moreover, it also works for SSL/TLS connections and supports detection of usernames.

SMTP Server

The following SMTP servers are supported for now:

Log files directory

Specify log files directory used by selected SMTP server.

Traffic based monitoring

Another option for monitoring SMTP is through traffic. This method can be used with any SMTP server, but requires more resources compared to monitoring through logs. Please also note that SSL/TLS connections and username detection is not supported.

Traffic based SMTP monitoring

SMTP Monitoring via Traffic

The following traffic based monitoring methods are supported

  • WinPcap - Works on all Windows Editions, WinPcap must be installed.
  • Raw Sockets - Does not work on Windows Server 2008 or with firewalls.

SMTP port

You may specify multiple comma-separated ports for SMTP traffic monitoring.

RdpGuard 9.7.9 Free Trial

RdpGuard protects:

Social Connection
RdpGuard Logo
 
People like RdpGuard!
Our customers say

"This sotware is really great. It's a relief. Because my server is constantly under attack. Thanks RdpGuard" - Joaquim De Sousa Marques

"Nice product. I used to implement something similiar in a low-tech and cumbersome manner via a script called TSBlock (not mine). This makes it much easier and is well worth the pricetag for SMB's." - J. Johnson

"Absolutely amazed at your product. We are a church in the North Dallas area, and I discovered this morning multiple failed logon attempts via our Remote Access Server. A friend suggested your product, so I immediately downloaded the trial. It had a list of about five blocked IP addresses in minutes, and that was enough to lead me to push the BUY button. Over the past 10-15 minutes the list is now about thirty with at least a third being international attempts to break into our system. Thanks for a great product. You may have just saved us much grief." - John Hallford

"Love the software. RDP on our Windows servers is just ridiculous. We would block it in the router but we have lots of old-time customers that would have issues." - Scott Hirsch

"Love the software! Makes it easier than tailoring VB Scripts!!" - Nick Brennan

"It's a great product - really stopping those RDP attackers :-)" - Dave, UK

"First of all: Your application is very (!!!) useful and I like it very much securing my 2012 R2 server. RdpGuard is the best solution, I found on the market and after 10 minutes of testing it I ordered the fully-featured version. :-)" - Carsten Baltes

Our Other Products
Copyright © 2012-2024 NetSDK Software. All rights reserved.  Terms of Use.  Privacy Policy.