MoonPoint Support Logo

 

Shop Amazon Warehouse Deals - Deep Discounts on Open-box and Used ProductsAmazon Warehouse Deals



Advanced Search
November
Sun Mon Tue Wed Thu Fri Sat
         
25 26 27 28 29 30
2024
Months
NovDec


Fri, Sep 22, 2017 11:18 pm

Failed POP3 login attempts from 94.136.51.56

While checking the mail log file, /var/log/maillog, on an email server today, I noticed an attempted login from an IP address in an address range I didn't recognize. The entry in the log file contained the following text:

dovecot: pop3-login: Disconnected (tried to use disallowed plaintext auth): user=<>, rip=94.136.51.56

I checked the country associated with the 94.136.51.56 IP address (ds7247.dedicated.turbodns.co.uk) with geoiplookup (you can install the GeoIP package on a CentOS Linux system with yum install GeoIP) and found it was an address assigned to an entity in Great Britain.

$ geoiplookup 94.136.51.56
GeoIP Country Edition: GB, United Kingdom
$

[ More Info ]

[/security/attacks/pop3] permanent link

Valid HTML 4.01 Transitional

Privacy Policy   Contact

Blosxom logo