Hijack detection enables an MDaemon administrator the ability to configure a set number of messages sent from an authenticated account, from a specific IP range, in a defined number of minutes.
If an account crosses this threshold the postmaster is notified via email and (optional) the account is frozen. A frozen account can still receive mail. However, the account cannot send mail. This feature is useful to prevent compromised accounts for submitting scores of spam/bulk mail. Compromised servers can result in the possibility of having domains added to public internet black lists or result in poor sending reputations.
- Select Security
- Select Security Settings
- Expand Screening
- Select Hijack Detection
- Hijack detection will be triggered when the number of messages (X) exceeds the specified amount of time (Y).
- Check Limit messages sent from reserved IPs to limit message sent from reserved IPs to X messages in Y minutes.
- Check Limit messages sent from local IPs to limit message sent from local IPs to X messages in Y minutes.
- Check Limit messages sent from all other IPs to limit message sent from all other IPs to X messages in Y minutes.
- Check Freeze accounts when limit is reached to freeze MDaemon accounts when X messages meets/exceeds Y minutes.
- Freezing accounts will allow incoming mail to be delivered and restrict outgoing mail
- Click White List if you would like to open the Hijack Detection white list to add entries (wild-cards are OK).
- Select Save when finished adding/removing addresses to the White list.
- Click OK
**NOTE - Mailing lists are included in this feature. If you have mailings lists with more than X members, add them to the white list or consider increasing X number of messages.