Mailing List CGatePro@mail.stalker.com Message #106101
From: Marcel Hochuli <mhochuli@a-f.ch>
Subject: hack attempt recognition?
Date: Mon, 4 Jul 2016 12:03:39 +0000
To: CommuniGate Pro Discussions <cgatepro@mail.stalker.com>
Hi

I get thousands of hack attempts that try to brake an account with clear text. clear text is deactivated. And the particular email account is disabled, too.

But the vicious IP address gets never blocked. It can hack our mailserver during many days.

I can block the IP address, but a few days later, a new source IP does the same hacking.

Is there a setting that I miss, to block the IP automatically?


07:59:09.273 1 ACCOUNT(hidden) login(SMTP) from [46.183.221.62]:49340 rejected: 'clear text' login prohibited
07:59:13.608 1 ACCOUNT(hidden) login(SMTP) from [46.183.221.62]:51947 rejected: 'clear text' login prohibited
07:59:17.902 1 ACCOUNT(hidden) login(SMTP) from [46.183.221.62]:54314 rejected: 'clear text' login prohibited
07:59:22.223 1 ACCOUNT(hidden) login(SMTP) from [46.183.221.62]:56451 rejected: 'clear text' login prohibited
07:59:26.537 1 ACCOUNT(hidden) login(SMTP) from [46.183.221.62]:58883 rejected: 'clear text' login prohibited
07:59:30.871 1 ACCOUNT(hidden) login(SMTP) from [46.183.221.62]:61306 rejected: 'clear text' login prohibited
07:59:35.445 1 ACCOUNT(hidden) login(SMTP) from [46.183.221.62]:63772 rejected: 'clear text' login prohibited
07:59:39.830 1 ACCOUNT(hidden) login(SMTP) from [46.183.221.62]:49671 rejected: 'clear text' login prohibited
07:59:44.118 1 ACCOUNT(hidden) login(SMTP) from [46.183.221.62]:51685 rejected: 'clear text' login prohibited
07:59:49.178 1 ACCOUNT(hidden) login(SMTP) from [46.183.221.62]:53867 rejected: 'clear text' login prohibited
07:59:53.728 1 ACCOUNT(hidden) login(SMTP) from [46.183.221.62]:56576 rejected: 'clear text' login prohibited
07:59:58.050 1 ACCOUNT(hidden) login(SMTP) from [46.183.221.62]:58178 rejected: 'clear text' login prohibited
08:00:02.423 1 ACCOUNT(hidden) login(SMTP) from [46.183.221.62]:60796 rejected: 'clear text' login prohibited
08:00:06.743 1 ACCOUNT(hidden) login(SMTP) from [46.183.221.62]:62490 rejected: 'clear text' login prohibited
08:00:09.523 2 TRIGGERHANDLER(warn) TRIGGER(rejectedOnMethodAUTHs) 14: 5 in 60 sec
08:00:09.523 2 TRIGGERHANDLER(warn) TRIGGER(rejectedOnMethodAUTHs) notification E-mail sent
08:00:11.569 1 ACCOUNT(hidden) login(SMTP) from [46.183.221.62]:64666 rejected: 'clear text' login prohibited
08:00:16.646 1 ACCOUNT(hidden) login(SMTP) from [46.183.221.62]:50551 rejected: 'clear text' login prohibited
08:00:21.056 1 ACCOUNT(hidden) login(SMTP) from [46.183.221.62]:52718 rejected: 'clear text' login prohibited
08:00:25.383 1 ACCOUNT(hidden) login(SMTP) from [46.183.221.62]:54463 rejected: 'clear text' login prohibited
08:00:29.836 1 ACCOUNT(hidden) login(SMTP) from [46.183.221.62]:56942 rejected: 'clear text' login prohibited
08:00:34.469 1 ACCOUNT(hidden) login(SMTP) from [46.183.221.62]:58937 rejected: 'clear text' login prohibited
08:00:39.736 1 ACCOUNT(hidden) login(SMTP) from [46.183.221.62]:60958 rejected: 'clear text' login prohibited
08:00:44.709 1 ACCOUNT(hidden) login(SMTP) from [46.183.221.62]:63058 rejected: 'clear text' login prohibited
08:00:49.380 1 ACCOUNT(hidden) login(SMTP) from [46.183.221.62]:49232 rejected: 'clear text' login prohibited


+---
mailto:mhochuli@a-f.ch
otherto:noway@a-f.ch
_______________________________________



Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster