Just recently we had an "attack" on our gwia. Some one was trying to log in via Pop3 using an array of different user names which caused some of our mailboxes to become locked due to to many unsuccessful attempts. What I did was I denied the service under Access Control under the GWIA properties default Class of service for everyone. I created a new Class of service for the users that need Pop3 access. I was curious if this is enough to prevent this from happening again? Any help is appreciated.