Page 1 of 1

How to ignore specific email address check

Posted: 14 Nov 2013, 18:05
by AndyB78
Hi,

Is there some way to ignore checks for a specific email address?

My situation is that one of our cPanel users had an email address for an employee. The employee is gone, the address was deleted but the ex-employee still checks the address a thousands of time a day and they keep banning some important IP addresses. We have whitelisted the respective ranges but now we are getting many hundreds "Permanent Block (IP match in csf.allow, block may not work)" each day.

Asking the ex-employee to stop checking the address is not an option.

Regards!

Re: How to ignore specific email address check

Posted: 16 Dec 2019, 09:57
by bouvrie
Bumping this question, as I have the same situation.

Is there any way to have LFD ignore specific Email addresses triggering an IP block? I tried expanding the Logignore file, but apparently this doesn't have any effect?

Code: Select all

...

^(\S+|\S+\s+\d+\s+\S+) [^\s\.]+ dovecot: imap-login: Aborted login (auth failed.+: user=<email@domain.com>

Re: How to ignore specific email address check

Posted: 16 Dec 2019, 14:57
by Sergio
As this is not a MailScanner issue but cPanel, the only way that I found to manage this type of situation is to let the email account to exist with the actual password that the user had to check the email.

Then in cPanel I suspend the send and receive options, so, even if the employee can access the email account he will not be able to send and receive emails. That way the IPs will never be blocked and the employee could not use the account.

Sergio

Re: How to ignore specific email address check

Posted: 21 Dec 2019, 18:09
by loadfactor
I've got two scenarios where this is a big problem. The first is a user who has some old forgotten device that's pulling mail. User gets a new device, changes password. Old device triggers lfd, user gets their address blocked. Repeat until permanently blocked. I had one user who took months to find an old tablet that was doing this.
The second is some user with a cell that has a bad mail password. As they move around, they get blocked on numerous addresses in the same C class, and lfd issues a net block. This disconnects a busy urban cell tower and more users have problems.
Where is lfd getting this data if not from the log files?

Re: How to ignore specific email address check

Posted: 25 Jan 2022, 16:53
by hackerscomputer
Bumping again, no solutions ?