Country Authentication Restrictions NOT working

This is the area for a general support questions, discussions and information that you can read and share. Post your experiences, stats and tricks and tips that are not covered elsewhere. Remember, for questions please search the FAQ first, as your question may already be answered.

Moderators: wizard, magicspam

Post Reply
chcxab
Posts: 2
Joined: Sat Jul 31, 2021 3:50 pm

Country Authentication Restrictions NOT working

Post by chcxab » Sat Jul 31, 2021 3:53 pm

Hi,

I use MagicSpam Pro in Plesk, latest version of both (formerly Obsidian).

I got a lot of LFD blocked attempts for SMTP AUTH failed logins, so I blocked in the almost all countries in Country Authentication Restrictions except the ones we know we need.

Still I got the same number of attempts, I restarted the service, email services, and still the same.

Any clues? I use Juggernauth Firewall too there.

Best

magicspam
Posts: 1432
Joined: Tue Oct 28, 2008 2:27 pm

Re: Country Authentication Restrictions NOT working

Post by magicspam » Tue Aug 03, 2021 2:43 pm

Hello chcxab,

Thank you for your post.

Please note that SMTP AUTH failures are normally reported for any failed authentication from countries that are blocked in your MagicSpam. This is currently done this way as authentications are rejected on the SMTP layer and not right away when the connection was made That said, we do have an upcoming release, which will block them earlier in the process (e.g: connection level) and we also have new AUTH blocking features available, including the RATS-AUTH RBL, and other reputation lists that you can enable.

Our RATS-AZURE, RATS-GCLOUD, and RATS-AWS are also good tools to block AUTH attacks, they will form the basis of RATS-CLOUD since those ranges are unlikely to be doing normal authentication, compared to say regular email clients.

We will also update our development team, as we can see how our MagicSpam customers would like to block them earlier to reduce the appearance of them in the logs, and make it easier to identify that MagicSpam is working effectively against AUTH attacks.

Thank you for your feedback!
-- MagicSpam Support Team --

Post Reply

Return to “General Discussions and Support Questions”

Who is online

Users browsing this forum: No registered users and 2 guests