Using MDaemon Location Screening to block potential hackers

One of the more recent and often somewhat overlooked security features within MDaemon is Location Screening. This can be viewed as an IP level firewall but one that is blocking IPs based on their country of origin.

However, with the evolution of cloud email platforms, UK based companies might actually host their mail servers anywhere around the world and may not actually know where those mail servers are actually geographically located. As a result, blocking all traffic based on the country of origin becomes much less reliable.

Our view is that Location Screening should therefore be seen as a means to block SMTP authentication attempts based on their geographic location. The idea behind this is mail administrators typically know where in the world remote users are accessing email from and more importantly where they will not be doing so.

By blocking any authenticated sessions from large geographic areas you can minimise the attempts of Botnet attacks that are rattling the doors and trying to authenticate with your server. Even if if a password becomes known, this means that the geographic location of the source still prevents it being used to send email through your MDaemon server.

Location Screening can be used in conjunction with  Dynamic Screening and Hijack Detection to provide a robust method to lock down your MDaemon server and prevent accounts from being compromised.

 

Leave a Reply