Forum Discussion
Failed log on (Failure message: Account is locked because user tried to sign in too many times with
VasilMichev I have exactly the same problem for a client. IMAP and POP are disable, but when external users try to brute force the account, the tries count for the lockout for a 30 minutes... the account get locked out even if the IMAP protocol is disabled for the user. actually I'm trying to build conditional access policies to block connections from some countries (China...). The user don't want (for now) to start using Outlook, and don't want to hear about anything else than iOS mail, which only support basic authentication, so for now I can't disable Basic authentication. I'm getting out of ideas.
CA policies and the protocol controls act *after* the login, that's why I suggested completely disabling legacy auth via authentication policies in Exchange above.