Account Hijack Detection
The options on this screen can be used to detect a possibly hijacked account on your server and automatically prevent it from sending messages. For example, if a spammer somehow obtained an account's email address and password then this feature could prevent the spammer from using the account to send bulk junk e-mail through your system. You can designate a maximum number of messages that may be sent by an account in a given number of minutes, and optionally cause an account to be disabled if it reaches that limit. You can exempt a specific user from Account Hijack Detection by enabling the Exempt this account from "Account Hijack Dection" option on the user's Account Settings page. You can set the default value for the user-specific option on the User Options page.
|
Account Hijack Detection only applies to local accounts over authenticated sessions, and the Postmaster account is automatically exempt. |
Accounts may send no more than [xx] msgs in [xx] minutes
Use this option if you wish to prevent local accounts from sending more than the specified number of messages in the designated number of minutes. If an account attempts to send more than the allowable number of messages then SecurityGateway will not drop the connection but it will reject the over-the-limit messages with a 452 error until the time-limit expires. Then it will again accept messages from the account.
Disable account when limit is reached
Check this box if you wish to disable accounts that attempt to send more than the allowable number of messages. When this happens, the server sends a 552 error, the connection is dropped, and the account is immediately disabled. The disabled account will no longer be able send mail or check its mail, but SecurityGateway will still accept incoming mail for the account. Finally, when the account is disabled an email is then sent to the postmaster about the account. If the postmaster wishes to re-enable the account that he can simply reply to the message.
Exceptions - Domains
If you select a specific domain in the "For Domain:" drop-down list box at the top of the page when configuring these settings, that domain will be listed here after saving the settings. Click the View/Edit link for the corresponding domain to review or edit its Account Hijack Detection settings, or click Reset to reset the domain's settings to the default Global values.
