Am 17.10.2011 17:13, schrieb Simon Brereton: > Hi > > This is a new one on me - I've never seen spammers attempt to use to SASL > Auth to inject spam. Has anyone else seen this? > > Oct 17 15:07:16 mail postfix/smtpd[14422]: connect from unknown[208.86.147.92] > Oct 17 15:07:16 mail dovecot: auth(default): > passdb(newslet...@mydomain.net,208.86.147.92): Attempted login with password > having illegal chars > Oct 17 15:07:17 mail dovecot: pop3-login: Disconnected (auth failed, 1 > attempts): user=<t...@mydomain.net>, method=PLAIN, rip=208.86.147.92, > lip=83.170.64.84 > Oct 17 15:07:18 mail postfix/smtpd[14403]: warning: 208.86.147.92: hostname > default-208-86-147-92.nsihosting.net verification failed: Name or service not > known
yes, dictionary attacks on all sort of ports are common
signature.asc
Description: OpenPGP digital signature
