> I  can't  readily think of a more appropriate place to perform these
> checks,  except maybe by modifying the Imail Web interface itself to
> use  a  geolocation  database,  but  I'm  not  sure  if  that's even
> possible.

You're  talking  about a task typically done by an ISAPI filter on the
box or by a reverse proxy -- something host header aware.

Fastream's  IQRP,  which  we swear by here, can block by geo. Tometa's
GeoSniper  is an ISAPI geo filter which I haven't used but which could
be perfect for you.

ISAPI-based  IPSes  like  ThreatSentry,  DotDefender, WebKnight can be
bound  only to a specific virtual server in IIS and detect trends over
time,  such  as  too  many hits on the mail submission form in a short
period.  Don't  think  any of these used geolocation outright the last
time I used them.

WhosOn, a user tracking app that we also use, can tail your logs every
15  seconds  and  also  find  aberrations  like  this,  though  it  is
technically out-of-band.

--Sandy


------------------------------------
Sanford Whiteman, Chief Technologist
Broadleaf Systems, a division of
Cypress Integrated Systems, Inc.
e-mail: sa...@cypressintegrated.com

SpamAssassin plugs into Declude!
  http://www.imprimia.com/products/software/freeutils/SPAMC32/download/release/

Defuse Dictionary Attacks: Turn Exchange or IMail mailboxes into IMail Aliases!
  
http://www.imprimia.com/products/software/freeutils/exchange2aliases/download/release/
  
http://www.imprimia.com/products/software/freeutils/ldap2aliases/download/release/


To Unsubscribe: http://imailserver.com/support/discussion_list/
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://imailserver.com/support/kb.html

Reply via email to