Hacked Account Mail Regulator

How to get here

Hacked Account Mail Regulator (HAMR)

User's email accounts today are constantly under attack by hackers and spammers. Once an account has been successfully compromised the victim's email account is used to send out spam, viruses and/or malware which can slow down the IMail Server, and then become blacklisted by other mail servers.

The SMTP Service has the capability to set limitations for a users outbound messages by disabling or throttling a user's messages once the Maximum Count within a certain Time Interval has been met, with an ability to also notify the IMail System Administrators when the limitations have been met.

Hacked Account Mail Regulator (HAMR) limits can be configured and customized at multiple levels: System wide, Domain wide or even individually by user. Be reminded that individual user settings will override System and Domain settings; and Domain settings will override System settings. Reset buttons reside at the domain and system levels to clear out any user settings.

System Configuration

• Alert Address. Enter the email address of the IMail Administrator to be alerted when a user's account has been disabled or throttled.

  Tip: Be sure to set the option to Alert Administrator at the System, Domain, or User level to activate email for when user's activate their message deliver limits.

  Note: Email sent to the Alert Administrator for throttling will only be sent out once per interval setting.

• Internal Database. (Set by Default) Uses SQL Lite a simple file that will be located under the users directory.

Warning when using Microsoft SQL Server: Should your Microsoft SQL Server become "unavailable" to the IMail Server and attempts to retrieve a User's Message Counters fail, the following will occur:

After 10 failed attempts within a 15 minute period an email will be sent to the Alert Address. Mail delivery will become unlimited until the SQL Server becomes available again. An email will be mailed out on a daily basis to the Alert Address, until the SQL Server is available.

• Microsoft SQL Server. SQL Server Settings appear when Microsoft SQL Server is selected above.

  When using SQL Server, SMTP will automatically perform a database cleanup at 1:00 am everyday. This cleanup will remove any invalid domains or user records and expired entries from users that rarely access their accounts.

  Do not configure two different IMail Servers to use the same SQL Database as the nightly database cleanup will remove the other server's records. The only exception to this is when IMail Server is configured in a Failover Cluster; in this configuration the servers both share the same ID's for domains and users allowing correct record removal.

  Note: When using SQL Server, SMTP will automatically perform a database cleanup at 1:00 am everyday. This cleanup will remove any invalid domains or user records and expired entries from users that rarely access their accounts.

  Warning: Do not configure two different IMail Servers to use the same SQL Database as the nightly database cleanup will remove the other server's records.

  • Server Name. Enter the valid SQL Server path. Click the Browse button (available only with the IMail Administration Console) to display all available SQL Servers within the network.
  • Username. Enter the associated SQL Server Username.
  • Password. Enter the valid password for the SQL Server Username entered above.
  • Database. Enter the SQL Server database name. Click the Populate Database List (available only with the IMail Administration Console) to display all the databases with the selected SQL Server.
  • Test button. This button will verify a valid connection.

Hacked Account Mail Regulator Settings

System Level User Settings

Note: Set the Alert Address and the database type before enabling Hacked Account Mail Regulator settings.

• Status. (Disabled by Default) Select "Enabled" to activate the Hacked Account Mail Regulator (HAMR) settings. This will enable Hacked Account Mail Regulator settings for Domains and/or Users that are set to use the System Hacked Account Mail Regulator Settings. See Examples.

• Interval. (Set to 1 Day by Default) Once Hacked Account Mail Regulator (HAMR) has been enabled this interval can be set by day, hours or minutes, depending on the IMail Administrators needs. See Examples.
• Message Limit. (Set to 5000 by Default) This limit is the number of messages allowed to be sent within the interval set above. See Examples.
• Action To Take. (Set to Throttle by Default)
  • Disable Account. Selecting this option will completely disable the account. The message being sent that triggers this action will receive a 550 error and will not send. The account will no longer be user accessible and will require an IMail Administrator to re-activate the users account.
  • Throttle Messages. (Selected by Default) Once the message limit has be triggered, messages being sent out will received a 450 and will warn the user that the message limit has been met and to wait and try again later. This option will stop any messages from being sent until the set interval has been met, allowing messages to be sent.
  • Alert Administrator. (Not set by Default) Check this box to send a message to signal a user has been disabled or throttled due to the max message count being exceeded.

    Note: Email sent to the Alert Administrator for throttling will only be sent once per interval setting.

    Tip: This option requires a valid email address to become available for use.

• Reset All Domain and User Settings. Clicking this button will give the option to reset the following:
  • Reset all Domains to "Use System Settings" as set in System > Hacked Account Mail Regulator.
  • Reset all Domains to "Use System Settings" as set in System > Hacked Account Mail Regulator and reset all User's to "Use Domain Settings" as set in Domain > Domain Properties.

Save. Click to save your settings.

Related Topic

Domain Hacked Account Mail Regulator Settings

User Hacked Account Mail Regulator Settings