Mailing List CGatePro@mail.stalker.com Message #102903
From: Urs Grützner <ugruetzner@ems.ch>
Subject: POP/IMAP scanning for addresses
Date: Thu, 19 Jan 2012 10:48:35 +0100
To: CommuniGate Pro Discussions <CGatePro@mail.stalker.com>
X-Mailer: Apple Mail (2.936)
CGP 5.1.16


in the night of Jan 17, 2012 a robot from 88.2.164.178 seemed having scanned during one hour for addresses on our server. Below is only a little exerpt, 



Questions:

1. is there a setup to block out an iP when mulitiple, unsuccessful connection trials are performed in a short time period?


2. in SMTP Module CGP checks for blacklisted servers. Is there also the same procedure possible for POP or IMAP connection trials?

Thanks


Urs



03:08:29.221 1 POP-018410([88.2.164.78]) failed to open 'abigail'. Connection from [88.2.164.78]:4154. Error Code=unknown user account
03:08:29.224 1 ROUTER SYSTEM: 'audrey@ems.ch' rejected. Error Code=unknown user account
03:08:29.224 1 POP-018413([88.2.164.78]) failed to open 'audrey'. Connection from [88.2.164.78]:4177. Error Code=unknown user account
03:08:29.236 1 ROUTER SYSTEM: 'antonio@ems.ch' rejected. Error Code=unknown user account
03:08:29.236 1 POP-018411([88.2.164.78]) failed to open 'antonio'. Connection from [88.2.164.78]:4173. Error Code=unknown user account
03:08:29.386 1 ROUTER SYSTEM: 'beth@ems.ch' rejected. Error Code=unknown user account
03:08:29.386 1 POP-018414([88.2.164.78]) failed to open 'beth'. Connection from [88.2.164.78]:4187. Error Code=unknown user account
03:08:29.597 1 ROUTER SYSTEM: 'benjamin@ems.ch' rejected. Error Code=unknown user account
03:08:29.597 1 POP-018415([88.2.164.78]) failed to open 'benjamin'. Connection from [88.2.164.78]:4192. Error Code=unknown user account
03:08:29.737 3 POP too many (100) streams open
03:08:29.737 3 POP [0.0.0.0]:110 <- [88.2.164.78]:4270 connection rejected
03:08:29.739 3 POP too many (100) streams open
03:08:29.739 3 POP [0.0.0.0]:110 <- [88.2.164.78]:4274 connection rejected
03:08:29.745 1 ROUTER SYSTEM: 'ashley@ems.ch' rejected. Error Code=unknown user account
03:08:29.745 1 POP-018416([88.2.164.78]) failed to open 'ashley'. Connection from [88.2.164.78]:4204. Error Code=unknown user account
03:08:29.755 3 POP too many (100) streams open


-------------------------------------------------------------------          
      Urs Gruetzner                               ugruetzner@ems.ch
      Engineering Management                 Phone  +41 31 326 2323
      Selection E.M.S. AG                    Fax    +41 31 326 2320
      Neuengasse 39 P.O.B. 6019       mob +41 79 341 5292
      CH-3001 Bern Switzerland                    http://www.ems.ch

Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster