Deluge of SMTP Hacker Logon Attempts

Discussions on webmail and the Professional version.
Post Reply
bellaonline
Posts: 103
Joined: Tue Feb 28, 2006 7:15 am

Deluge of SMTP Hacker Logon Attempts

Post by bellaonline » Thu Nov 21, 2019 9:11 pm

I just switched servers with my MailEnable professional install. As per the instructions, I left MailEnable SMTP running on the old server during the transition, to catch any messages as all the entries redirected. At this point mail is running smoothly on my new server. All the URLs are pointing to the new server. So I went to the old server expecting the SMTP logs to be dwindling down toward zero.

Instead, the SMTP logs are still nearly as large. And when I opened up the log file for yesterday, it is nearly 100% hackers trying to log in with all sorts of fake usernames. I have 240,876 rows in that one day log file just line after line of hackers trying to get in.

So it's just line after line of things like

# ME-I0135: Authenticating User:svn1@URLWEBSITE.com using Authentication Provider Credentials failed (unknown user)
SMTP-IN 993D3E9361B446C8963F1F61747453DD.MAI 968 46.38.144.17 AUTH MQ== 535 Invalid Username or Password 34 6 svn1@URLWESITE.com

There is probably some way to rein this in. Any suggestions? It can't be good for my server heath to be deluged with this non-stop all day every day :).

Lisa

Post Reply