KBA-02433

MDaemon 13.0.x - Detecting and stopping hijacked accounts

Detecting and stopping hijacked accounts requires MDaemon Pro.  Dynamic Screening has been improved by adding an option to disable local accounts which try to send more than XX messages in XX minutes.  When an account is disabled an email is sent to the postmaster which can be replied to which re-enables the account. 

Note, that the account could quickly get disabled again if the message sending continues.  Accounts disabled by this process can still accept incoming mail but they can not log in to web mail or web administration and they can not collect or send mail.  The intent is to try and recognize and stop a hijacked account so that the postmaster can review the situation and take action.  The postmaster account is exempt from this.

 

  1. Select Security
  2. Select Security Settings
  3. Select Dynamic Screen
  4. Check Disable accounts that send more than X msgs in X minutes
  5. Configure how many messages and within how many minutes you would like Dynamic Screen to trigger
  6. Click Apply
  7. Click OK.
    .