If you do not like the default internet passowrd lockout settings, you can configure those settings to a more acceptable level by creating a security policy.  Look in you IBM Domino Administrator Client Help file for information on how to creat the policy if you are not familiar on how to do this.

I'm having the same difficulty and would like to see a how to as opposed to a "go to the help files."  Has anyone had success in implementing an IP lockout vs. user lockout?

EDIT:  I just sent the following to IBM support on a newly created PMR.

Since there seems no way from stopping a "Brute Force Attack" on our mail server other than locking the user out after a number of tries....  Is there any way that the Internet Security Policy can be used to lockout offending IP's rather than users or a combination of both?

For example:
an offending IP address that unsuccessfully  tries to login more than 3 times is locked out.
However, the user account remains unlocked and can successfully login from a different IP address.

Agreed, al de la cruz. Users are finding how it works a real turn off, as in, a show stopper turn off and you get my drift.

Bradley, I looked at Policy in case I'd missed over the years there options for IP lockout, but nope, all it does is present you options for locking out user accounts. Or did I miss something?

guys kinda stuck here with same brute attack issue Is there a  solution yet?

Hi,

  Sometime ago we tried to solve the same issue. We used the information publish at our web site.

  If the attacks are quite frequent you should also have to "clean" the blocked IPs, as I don't know which Window 2002 limit is for the field that stores the blocked IPs. In any case, as a good practice, this solution should be extended to block the IPs at the firewall level and not at the local Server.

Hi Migeul,

We have linux based domino.

As suggested will try os/ FW based solution.

Thanks

Hi all,

There is an IPS signature for brute on smtp.

Did the trick.

Thanks