Intrusion Prevention
Selecting the Intrusion Prevention tab presents you with a list of IP addresses that have been blocked by the Intrusion Prevention function, along with the Expires (date/time) that the block will expire.
Figure. Intrusion Prevention tab.
| Field |
Description |
|---|---|
|
Refresh |
Click this button to refresh the list. |
|
Add |
Click this button to add an IP address to the list.
The Tarpitted IPs dialog is shown.
Specify the IP address here. CIDR notation/ranges can be used.
Note: The expiration time will be calculated according to your Antispam settings. |
|
Remove |
Click this button to remove the selected IP address(es). |
|
Remove All Expired |
Click this button to have all expired IP addresses deleted from the queue. |
|
Remove All |
Click this button to have all IP addresses removed from the queue. |
Intrusion Prevention Reason Codes
| Reason Code |
Explanation |
|---|---|
|
C |
Tarpitting invoked via Content Filters |
|
I |
IP blocked for exceeding connections in one minute |
|
M |
IP blocked for delivering oversized message |
|
R |
IP blocked for exceeding RSET command count |
|
D |
IP blocked for being listed on DNSBL |
|
A |
The account that this message was sent to was a "tarpit" account so the sending IP is tarpitted |
|
P |
IP blocked for exceeding unknown user delivery count |
|
U |
IP blocked manually via console |
|
S |
IP blocked for exceeding spam score in a message |
|
Y |
IP blocked for relaying |
|
L |
IP blocked for too many failed login attempts |
