Smartermail server provides the security feature on a failed login attempt. By Default, a user can be locked out for 5 minutes after 10 failed login attempts. You can change this setting as per your requirement. Following are the steps to change the maximum failed login attempts for the Smartermail.
- Open the Smartermail Web.config file located at the default location C:\Program Files (x86)\SmarterTools\SmarterMail\MRS or C:\Program Files\SmarterTools\SmarterMail\MRS.
- Find the following line in the web.config to change the number of attempts before the block.
<add key="ForgotPassword.BruteForceDetection.TriesBeforeBlock" value="10"/ >
- You can edit the value to change the failed login attempt before the block is applied.
- Find the following line in the web.config to change the block time.
<add key="Login.BruteForceDetection.BlockTime" value="5"/ >
- You can edit the value to change the blocking time for the IP Address.
You can verify the setting by entering the wrong credentials to smartermail at your end.