We have configured password locked out policies and noticed that once we enabled External User Authentication, the admin account does NOT get locked out, this has been tested on SMA 11.5.075.

When disabling the external authentication, the admin account will get locked.

Also the local users seem to have the ability to log on the End User Spam Quarantine, regardless of whether there local account on the SMA is locked.

Any ideas?