On 11:59 AM, John Espiro wrote: > > On 1/27/2011 7:56 PM, Mark Sapiro wrote: >> Are you able to get your mail via your pop client? > Yes. >> If so, the log messages are from other attempts (probably by crackers >> trying to guess passwords on your system) to log in. Is there a "rip=" >> in the log messages giving the IP of the originator? If so, is it yours? > There is a "rip" and it's my IP address. I've got fail2ban and > denyhosts running very tightly, and so far, no one has even attempted to > log in to my mail accounts (ssh is a whole other story :)
So you successfully get mail via your pop client in spite of the above. My guess is somehow the client first tries plain authentication without STARTTLS before trying STARTTLS. In my case with pop3 and T'bird I use Port 995 Connection security: SSL/TLS Authentication: Normal password I haven't tried port 110 and STARTTLS (mostly I use IMAP anyway). -- Mark Sapiro <m...@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan