Hi,
Our clients OFTEN get blocked by CSF/LFD due to mail bad login attempts, or stuff like that.
They are in offices with multiple email clients (outlook or other).
They always tell me that they did not change anything.
But it MIGHT be one of their employees with an iPhone misconfiguring their account.
So I would like to give them MORE information about WHICH device in their network is making these attempts. A device system name or a local IP. Something.
Can you give me a mail log GREP command that would yield all the info about the most recent connection attempts from this IP? To get this info.
Or any other tip / idea?
Thanks!