Hi,
Are these two new problems that we introduced with Imail 2007.21.2, or are those known problems in the released version - or should I open a new support case for this? We had never noticed those problems until today. a) I had an IP address that had been temporarily blocked for 5 minutes because of invalid RCPT TOs. Within 3 minutes after this IP address was added to the access control list, I happened to do maintenance against the Imail server (installing Microsoft's latest hotfix) and thus shut down the machine. Apparently, as a result, IMail "forgot" the fact that this particular block was supposedly only "temporary" (for 5 Minutes). When the server had restarted, that block was now permanently in the access control list and never seemed to expire. Eventually I had to delete that IP address from the access control list manually and then restart SMTP before that IP address was permitted again! Does Imail keep the access control list in some permanent location (such as the registry) - but the "timeout timestamp" in some temporary location (such as a memory array)? This would explain why a reboot would "convert" temporary blocks into permanent ones - which over time would result in an ever-growing permanent block list and cause us to block some big providers unintentionally! b) I hope I'm mistaken - but according to users (and looking at logs) it seems as if the "Dictionary Attack" detection is NOT bypassed for connections by accounts that have properly authenticated themselves (using SMTP AUTH). Under all but the most unusual circumstances, dictionary attacks would be expected from anonymous third parties NOT from known, authorized/internal parties!? If internal/authorized users happen to misspell internal email addresses, it's simply a mistake, not an attack and their connection should not be subjected to the normal penalties? Best Regards, Andy Schmidt
