From: David Muszynski
Subject: Re: How to blacklist a client IP?
Date: Mon, 21 Jan 2008 09:58:50 -0500
To: "SIMS Discussions"
Message-Id: <39E2195C-8209-4DF6-BC01-1D92E1906A5B@technospider.com>

On Jan 21, 2008, at 9:52 AM, Alan Summerfield wrote:

> Hi,
>
> it's a few years since I had anything to do with the SIMS mailing list
> but it's good to see that it's still active.
>
> I'm back as I have a problem with a "client" at 71.140.125.37 who has,
> since last night, been trying to get into the accounts by going through
> hundreds of username/password combinations. Here's a log extract:
>
> 11:14:21 0 SYSTEM Account {consult} Resources open failed. Error Code=-43
> 11:14:21 1 POP {consult} is not open: password(eagle) is wrong. Connection from [71.140.125.37:14341]
>
> I've put 71.140.125.37 in the "Blacklisted Addresses" of the SMTP control
> panel, to no effect.
>
> What else can I do? Usernames beginning with "C" are being tried at the
> moment and I suspect it won't stop until it's reached "Z"...
>
> Alan Summerfield

Have you tried blacklisting the IP at your border device?

--
Thanks,
David
http://www.FloridaPets.org
321.961.5281
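
One way to confirm from the log which source addresses are worth blocking at the border device, as an added example that is not part of the original thread: it counts POP password failures per source IP with a pattern modeled on the log line quoted above. The one-event-per-line layout, the thresholds, and the sample lines (documentation-range addresses, made-up accounts) are assumptions.

```python
import re
from collections import defaultdict

# Pattern modeled on the POP failure line quoted in the thread. Assumption:
# each event is one log line (the e-mail wrapped it across two).
FAIL_RE = re.compile(
    r"^\d{2}:\d{2}:\d{2}\s+\d+\s+POP\s+\{(?P<account>[^}]*)\}\s+is not open:\s+"
    r"password\(.*\) is wrong\.\s+Connection from "
    r"\[(?P<ip>\d{1,3}(?:\.\d{1,3}){3}):\d+\]"
)

def failed_logins_by_ip(lines):
    """Map source IP -> failure count and set of accounts tried.

    The attempted password is matched but never stored, so the summary
    can be shared without leaking near-miss passwords of real users."""
    stats = defaultdict(lambda: {"failures": 0, "accounts": set()})
    for line in lines:
        m = FAIL_RE.match(line.strip())
        if m:
            stats[m["ip"]]["failures"] += 1
            stats[m["ip"]]["accounts"].add(m["account"])
    return dict(stats)

def sweep_sources(lines, min_failures=5, min_accounts=3):
    """IPs failing against many different accounts (hypothetical thresholds)."""
    return sorted(
        ip for ip, s in failed_logins_by_ip(lines).items()
        if s["failures"] >= min_failures and len(s["accounts"]) >= min_accounts
    )

# Constructed sample log (documentation-range IPs, made-up accounts).
SAMPLE_LOG = """\
11:14:21 0 SYSTEM Account {consult} Resources open failed. Error Code=-43
11:14:21 1 POP {consult} is not open: password(guess1) is wrong. Connection from [203.0.113.7:14341]
11:14:23 1 POP {contact} is not open: password(guess2) is wrong. Connection from [203.0.113.7:14342]
11:14:25 1 POP {contact} is not open: password(gu)ess3) is wrong. Connection from [203.0.113.7:14343]
11:14:27 1 POP {control} is not open: password(guess4) is wrong. Connection from [203.0.113.7:14344]
11:14:29 1 POP {copy} is not open: password(guess5) is wrong. Connection from [203.0.113.7:14345]
11:15:02 1 POP {alice} is not open: password(typo1) is wrong. Connection from [198.51.100.20:50211]
11:15:09 1 POP {alice} is not open: password(typo2) is wrong. Connection from [198.51.100.20:50212]
"""

if __name__ == "__main__":
    for ip in sweep_sources(SAMPLE_LOG.splitlines()):
        print("candidate for border block:", ip)
```

Requiring several distinct accounts per source keeps a single user who mistypes a password a few times off the block list.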