Conditions for IP Blocking
The Optimails system automatically blocks an IP address when it detects suspicious behavior, such as:
-
Repeated failed login attempts
→ typically SMTP, IMAP, or POP authentication failures (incorrect passwords).Example: multiple login attempts with an incorrect password.
Mass sending or spam-like behavior
→ if an IP sends a high volume of emails within a short period of time, or with high spam scores.Detection of abusive SMTP behavior
→ multiple simultaneous connections, invalid commands, or sending to unauthorized domains.
When is the IP blocked?
The block is triggered immediately as soon as the configured threshold is reached.
For example:
If the Failed Logins Limit parameter is set to 3, then after 3 consecutive failed attempts, the IP address is added to the dynamic blacklist.
Duration of the block
By default, the blocking duration is between 30 minutes and 1 hour.
Once this period has expired, the IP address is automatically removed from the blacklist.