IP block issue from IMAP connection

rszkutak

Verified User
Joined
Dec 22, 2003
Messages
161
Location
Scottsdale, AZ
I have a single customer on my server that uses IMAP for their email. On a frequent basis his IP get's blocked in the firewall on the server and I have to go unblock it.

The error message that the log's show is this, but with different IP's each time it's block (dynamic ip)

Jun 28 16:00:57 vps44188 lfd[28579]: (imapd) Failed IMAP login from 68.104.251.241 (US/United States/ip68-104-251-241.ph.ph.cox.net): 10 in the last 3600 secs - *Blocked in csf* [LF_IMAPD]

he says he has imap setup on his iphone and computer, both of which he is successful in reading the emails on / sending emails. However randomly he get's blocked but it's been happening more recently.

Any idea's what to look at to help this person out? I got nothing other than it's an email thing with login.
 

Richard G

Verified User
Joined
Jul 6, 2008
Messages
5,254
Location
Maastricht
(imapd) Failed IMAP login
This says it all. Failed login. Ask the customer if he has another device which is being used for mail. I had the same issue with a customer and after some asking he checked again and admitted he had the account also on his phone, but thought it did not work because he never received mail on it... pffff.... LoL. So that was the one with wrong password. :)
 

rszkutak

Verified User
Joined
Dec 22, 2003
Messages
161
Location
Scottsdale, AZ
that's what this guy is saying as well, but i'm confident that he has something setup either on his phone or possibly one of the tablet's he let's his kids use... or even setup twice on a PC.

i really have no idea at all. He is a friend but i don't want to drive an hour each way to check it out, but if need be i surely will do it.

He's not the most savvy person when it comes to computers. Heck it could even be a 3rd party app that he has in there trying to link to the email account or something.
 

Richard G

Verified User
Joined
Jul 6, 2008
Messages
5,254
Location
Maastricht
He's not the most savvy person when it comes to computers.
Most people aren't so that's nothing to be ashamed off.
If it's a friend and you trust that he just made a mistake somewhere and has a low risk of spamming, you could also whitelist his ip in CSF like csf.allow and/or csf.ignore unless he has a dynamic ip which changes a lot.
 
Top