Hi Alessio,
You could try our Authentication Blocklist:
https://docs.abusix.com/ami-production-zones/authbl
This doesn't pre-emptively list cloud IPs, it only lists IPs where we've
seen evidence of compromise/abuse and these come from a variety of
sources, some of them I believe to be novel to us and is updated every
minute.
There's a free trial available on our website if you're interested and
you're welcome to contact me off-list.
Kind regards,
Steve.
--
Steve Freegard
Senior Product Owner
Abusix Intelligence
On 21/09/2021 16:08, Alessio Cecchi via mailop wrote:
Hi,
we are an email hosting provider, and as you know many users use weak
passwords, or have trojan on their PC that stolen their password that
are used to sent spam or doing some kinds of fraud.
We already have a "script" that checks, from log files, the country of
the IP address and "do something" to detect if is an unusual login.
But is not really sufficient.
For "do something" I means:
- too many logins from different country
- too many fast login
So we are always looking for a system/software/service/script to
detect login to POP IMAP or SMTP not made by the user.
I have also test the AWS SageMaker IP Insights service but without
success.
Have someone experienced about these problems?
Thanks
--
Alessio Cecchi
Postmaster @http://www.qboxmail.it
https://www.linkedin.com/in/alessice
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
