Technical Library | Support

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Managing Messages > Controlling directory harvest attacks
Controlling directory harvest attacks
Administrator Help | TRITON AP-EMAIL | Version 8.2.x
A directory harvest attack is used by questionable sources to gain access to an organization's internal email accounts. A directory attack not only consumes large amounts of system resource but also, through the acquisition of email accounts, creates spam problems for email end users. With directory attack prevention settings, you can limit the maximum number of messages and connections coming from an IP address over a given time period.
To configure directory attack control:
1.
Select Settings > Inbound/Outbound > Directory Attacks.
2.
Select the Limit the number of messages/connections per IP every check box to enable the directory harvest attack prevention function.
3.
Set the time period, from 1 second to 60 minutes, in the drop-down list (default is 60 seconds).
4.
Set the maximum number of messages allowed from an individual IP address during the specified time period (default is 30).
5.
Set the maximum number of connections allowed from an individual IP address during the specified time period (default is 30).
6.
If you have enabled the directory attack prevention option, you can also enable settings to block an IP address when a specific set of recipient conditions occurs. Mark the Block the IP address for check box, and enter the time interval during which you want an IP address blocked (default is 3 hours).
7.
Enter the conditions for blocking the IP address:
*
Maximum number of message recipients (default is 5)
*
Maximum percentage of invalid addresses among the recipients (default is 50%)
When these recipient limitations are exceeded, the connection is dropped automatically.
This option is available only when the recipient validation option is used (see Adding user authentication settings).

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Managing Messages > Controlling directory harvest attacks
Copyright 2016 Forcepoint LLC. All rights reserved.