Error message: Your connection has been blocked temporarily - Try again later
If you get an error message in your email client software saying Your connection has been blocked temporarily - Try again later
or Server access temporarily blocked! Please try again later
, or Client IP address (aa.bb.cc.dd) blocked this means the Intrusion Prevention System (IPS) in VPOP3 has detected abnormal behaviour from your IP address, and it has applied a temporary block to prevent abusive behaviour.
There are two components in which detect abnormal activity - the SMTP service and the Login component.
SMTP Service
You can set how the SMTP Service IPS works by going to Services → SMTP → IDS/IPS
in the VPOP3 settings.
Every time one of the monitored events happens (eg a failed login, or a message containing a blocked attachment name) the relevant 'multiplier' is added to a score for that IP address. If that score reaches theClient Error Block Threshold
value within the specified Client Error Monitor Period
, then the IP address is blocked for the Client Error Block Time
time.
For instance, with the default settings of:
-
Bad Authentication Multiplier = 50
-
Bad Local Rcpt Multiplier = 50
-
Relay Denied Multiplier = 100
-
Client Error Monitor Period = 60 minutes
-
Client Error Block Threshold = 1000
-
Client Error Block Time = 30 minutes
If an IP address tries to relay through VPOP3 twice (2 x 100), tries to log on 5 times with an invalid password (5 x 50), tries to send to 12 local addresses which don't exist (12 x 50) within an hour, then the total score will be 200 + 250 + 600 = 1050, so that IP address will be blocked for 30 minutes.
Login Component
You can access the settings for this by going to Settings → Security Settings → Intrusion Protection. VPOP3 will block IP addresses if it sees repeated attempts to log in with an invalid username and/or password from an IP address. This is separate from the Account Locking facility which just blocks an account, as this will also check for attempts to log in to multiple different accounts, or even accounts which don't actually exist in VPOP3.
Managing the blocked IP addresses
You can manage the blocked IP addresses on either the SMTP service or Security Settings pages described above. The options below are identical on those two pages.
Viewing the event log
You can see which events contributed to an IP address being blocked by clicking on the View Event Log
button
The 'Never Block' list
The 'Never Block' list tells VPOP3 never to block certain IP addresses even if they do suspicious actions
You can add/remove addresses from the 'never block list' by clicking on the Manage Never Block List
button.
As well as preventing the blocking of individual IP addresses, you can stop a subnet being blocked by using CIDR notation, eg 192.168.1.0/24
The 'Block' list
The 'Block' list shows which IP addresses have been blocked, either automatically or manually.
You can view the block list as well as manually block IP addresses, or remove IP addresses from the block list by clicking on the Manage Block List
button.
As well as manually blocking individual IP addresses, you can block a subnet by using CIDR notation, eg192.168.1.0/24
In the block list, if you double-click on a blocked IP address, then a message will appear summarising why that IP address was blocked.
Common reasons for problems
Common causes of legitimate IP addresses being blocked are:
-
sending messages to invalid local recipients (eg if the recipient email address is misspelled)
-
sending messages containing prohibited attachment filenames, eg attachments with 'dual filename extensions', such as 'document.xls.pdf'
-
broken email client software - eg email client software trying to send a message even if previous SMTP commands failed, resulting in an invalid SMTP command sequence, which is classed as a 'Syntax Error' by the IPS/IDS system.
Normally a user has to perform these actions many times to be blocked, so in most cases legitimate users won't be blocked.
However, sometimes users will repeatedly try an action even though it has failed, without trying to establish why it failed, in the hope that somehow it will work later - this can lead to their IP address being blocked
In version 5.0d and earlier there was a known issue with the Manage Block List
and Manage Never Block List
buttons in Internet Explorer. Other web browsers, such as Mozilla Firefox and Google Chrome work correctly. This problem was fixed in version 5.0e