how do you guys protect your smtp-auth-gwia (e. g. smtp.your.domain) out in the internet from bad password attacks?
we just realized, that gw-intruder-detection obviously doesn't recognize these bad password attempts as intruders! imap-/pop-/soap-bad-password-attempts are counted as intruders as expected.
the problem is, that these intruders lock down your edir-account (in case you run your gw against ldap, what we do...) ongoing, so the affected users cannot work during such an attack...
only "option" seems to be to disable(!) intruder detection on edir...?!
that's not what we want actually!
tnx, regards! gerald