IP Blocking

Conditions for IP Blocking

The Optimails system automatically blocks an IP address when it detects suspicious behavior, such as:

  • Repeated failed login attempts
    → typically SMTP, IMAP, or POP authentication failures (incorrect passwords).

    Example: multiple login attempts with an incorrect password.

  • Mass sending or spam-like behavior
    → if an IP sends a high volume of emails within a short period of time, or with high spam scores.

  • Detection of abusive SMTP behavior
    → multiple simultaneous connections, invalid commands, or sending to unauthorized domains.


When is the IP blocked?

The block is triggered immediately as soon as the configured threshold is reached.

For example:

  • If the Failed Logins Limit parameter is set to 3, then after 3 consecutive failed attempts, the IP address is added to the dynamic blacklist.


Duration of the block

By default, the blocking duration is between 30 minutes and 1 hour.

Once this period has expired, the IP address is automatically removed from the blacklist.

Tags