Link to home
Start Free TrialLog in
Avatar of IT Man200
IT Man200

asked on

Macbook - Mac Mail - IP gets blocked - is there a virus / Malware?

I have a case of a client based in France who is having a problem with their IMAP email account provided by a UK webhost.

Summarised story is

When they turn on their Mac Book, their IP address at home gets blocked by the email provider and they justify this because they say their logs show many invalid credential checks when the Mac is turned on.

If we take the Mac to an internet café it works fine.

They have an iPad and iPhone. When the laptop is turned off for a long while, they work, when the laptop is on, they stop (so have to swtich to cellular network to get email from this account)

Much obvious investigation has been done, but the fact the laptop works at an internet café, suggests the settings are correct.

This leaves me thinking there is some virus on the laptop or something. However, I have run Malwarebytes AND I have also monitored the network traffic from the Mac and can’t see anything.
Screen shot below with username blurred for privacy.
User generated imageAny insights into what could be causing this welcome. Can it be the ISP in France has some issue? But then why only when the laptop is on and the fact the email provider / webhost shows a log of invalid login attempts.

Suggestions welcome
NetworkMonitor-screen-shot.png
SOLUTION
Avatar of Eoin OSullivan
Eoin OSullivan
Flag of Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of IT Man200
IT Man200

ASKER

I should also add, this all started, after an upgrade to El Capitan.
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
OK eoinosullivan. Sounds like a great idea with the spotting failed connections.

Next access to laptop might not be until Monday, but will keep you posted. Additional suggestions to try when I get a chance on it next are welcome.

Thanks so far!
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
We've kind of got this working. Basically the provider is rubbish and blocks anything ver y easily. Even when we change the password, we got blocked as some devices still trying to login with old password. So it leads you think something wrong when really, the server is being over sensitive and blocking the user.

Will wait a day or two and see, but we recommended user change provider.
Thanks for all the great input on this. In the end, we moved provider and and all worked well. WE can only conclude that the host had a very sensitive blocking system or some other issues that caused the email to be blocked so easily.

Since on the new server, there have been no problems whatsoever so far (A few weeks in).

Many thanks for input