Disable AUTH only on SMTP (25) port. Allow on 587.

Post your MailEnable suggestions here.
Post Reply
fbmaxwell
Posts: 24
Joined: Mon Apr 14, 2014 3:52 pm

Disable AUTH only on SMTP (25) port. Allow on 587.

Post by fbmaxwell »

Suggestion:
  1. Provide a means to disable AUTH only on SMTP port (25) while leaving it enabled on the alternate port (typically Submission port: 587).
  2. Provide a way to auto-ban any IP that attempts even a single AUTH command on the SMTP port.

Rationale:
The availability of the AUTH command on the SMTP port provides a vector for dictionary attacks.
  • The attacks can be focused on specific usernames, such as support, sales, info, or abuse, based on knowledge of the existence of an e-mail address.
  • Or they can be unfocused, using a dictionary against both the username and password.
  • A normal, legitimate mail server is never going to attempt an AUTH command when delivering e-mail to domain via SMTP. Thus, auto-banning IP addresses would immediately shut down attacks without impacting normal email delivery.
  • That would the local users authenticate and send e-mail on the Submission port (which could be moved from 587 to thwart attacks) while hardening the SMTP port against dictionary attacks.
My MailEnable SMTP server recently underwent a three-day long dictionary attack from multiple different IP addresses all over the world -- a bot network. I've got tens of thousands of lines in my log file like these:

Code: Select all

06/09/14 19:24:50   SMTP-IN   3E7720C1369548A5B60C2D775328B55E.MAI    764  24.97.44.66    AUTH AUTH LOGIN     334 VXNlcm5hbWU6    18   12   
06/09/14 19:24:50   SMTP-IN   5E1F84FDF67E4EA0BCBB6AD916E6A9A6.MAI    812  24.97.44.66    AUTH AUTH LOGIN     334 VXNlcm5hbWU6    18   12   
06/09/14 19:24:50   SMTP-IN   A59B13474D164E7D8EE65DCA2BC37AB2.MAI    836  24.97.44.66    AUTH AUTH LOGIN     334 VXNlcm5hbWU6    18   12   
06/09/14 19:24:50   SMTP-IN   78300FA65ECE4FBBAC9292C8D4D7AA8B.MAI    936  24.97.44.66    EHLO EHLO HCSM 250-{my domain name redacted} [24.97.44.66], this server offers 4 extensions 120  11   
06/09/14 19:24:50   SMTP-IN   3E7720C1369548A5B60C2D775328B55E.MAI    764  24.97.44.66    AUTH {blank}   334 UGFzc3dvcmQ6    18   10   sales
06/09/14 19:24:50   SMTP-IN   5E1F84FDF67E4EA0BCBB6AD916E6A9A6.MAI    812  24.97.44.66    AUTH {blank}   334 UGFzc3dvcmQ6    18   10   sales
06/09/14 19:24:50   SMTP-IN   A59B13474D164E7D8EE65DCA2BC37AB2.MAI    836  24.97.44.66    AUTH {blank}   334 UGFzc3dvcmQ6    18   10   sales
06/09/14 19:24:50   SMTP-IN   3E7720C1369548A5B60C2D775328B55E.MAI    764  24.97.44.66    AUTH YmVzYWRtaW4=   504 Invalid Username or Password   34   14   sales
06/09/14 19:24:50   SMTP-IN   484DD0396D98414CBCD51CD98BF11473.MAI    928  24.97.44.66              220 smtp.{my domain name redacted} ESMTP Service Ready   0    0    
06/09/14 19:24:50   SMTP-IN   5E1F84FDF67E4EA0BCBB6AD916E6A9A6.MAI    812  24.97.44.66    AUTH QkVTQWRtaW4=   504 Invalid Username or Password   34   14   sales
06/09/14 19:24:50   SMTP-IN   A59B13474D164E7D8EE65DCA2BC37AB2.MAI    836  24.97.44.66    AUTH cGE1NXdvcmQ=   504 Invalid Username or Password   34   14   sales
06/09/14 19:24:51   SMTP-IN   484DD0396D98414CBCD51CD98BF11473.MAI    928  24.97.44.66    EHLO EHLO HCSM 250-{my domain name redacted} [24.97.44.66], this server offers 4 extensions 120  11   
06/09/14 19:24:51   SMTP-IN   F60301D1E01C4FE68C57A706518E50A9.MAI    944  24.97.44.66    AUTH AUTH LOGIN     334 VXNlcm5hbWU6    18   12   
06/09/14 19:24:51   SMTP-IN   61E896C5079F441290298924FF64B4C5.MAI    824  24.97.44.66              220 smtp.{my domain name redacted} ESMTP Service Ready   0    0    
06/09/14 19:24:51   SMTP-IN   F60301D1E01C4FE68C57A706518E50A9.MAI    944  24.97.44.66    AUTH {blank}   334 UGFzc3dvcmQ6    18   10   sales
06/09/14 19:24:51   SMTP-IN   145CB2FEB8BF402DA8A5FB801E3882D3.MAI    780  24.97.44.66              220 smtp.{my domain name redacted} ESMTP Service Ready   0    0    
06/09/14 19:24:51   SMTP-IN   477B150A3CC345CE80FDB79393038467.MAI    776  24.97.44.66              220 smtp.{my domain name redacted} ESMTP Service Ready   0    0    
06/09/14 19:24:51   SMTP-IN   D988485D57AB44A39EA5CC06E791E9B6.MAI    1080 24.97.44.66              220 smtp.{my domain name redacted} ESMTP Service Ready   0    0    
06/09/14 19:24:51   SMTP-IN   7DD7DDB4A61144CBBF51F1D8315B8E0D.MAI    712  24.97.44.66              220 smtp.{my domain name redacted} ESMTP Service Ready   0    0    
06/09/14 19:24:51   SMTP-IN   13D58A561F634F308C5FC8824F385A9B.MAI    768  24.97.44.66              220 smtp.{my domain name redacted} ESMTP Service Ready   0    0    
06/09/14 19:24:51   SMTP-IN   F60301D1E01C4FE68C57A706518E50A9.MAI    944  24.97.44.66    AUTH QkVTQSBkbWlu   504 Invalid Username or Password   34   14   sales
06/09/14 19:24:52   SMTP-IN   78300FA65ECE4FBBAC9292C8D4D7AA8B.MAI    936  24.97.44.66    AUTH AUTH LOGIN     334 VXNlcm5hbWU6    18   12   
06/09/14 19:24:52   SMTP-IN   779C985DE5964A6B8AE0CBB2338F7595.MAI    740  24.97.44.66              220 smtp.{my domain name redacted} ESMTP Service Ready   0    0    
06/09/14 19:24:52   SMTP-IN   61E896C5079F441290298924FF64B4C5.MAI    824  24.97.44.66    EHLO EHLO HCSM 250-{my domain name redacted} [24.97.44.66], this server offers 4 extensions 120  11   
06/09/14 19:24:52   SMTP-IN   477B150A3CC345CE80FDB79393038467.MAI    776  24.97.44.66    EHLO EHLO HCSM 250-{my domain name redacted} [24.97.44.66], this server offers 4 extensions 120  11   
06/09/14 19:24:52   SMTP-IN   145CB2FEB8BF402DA8A5FB801E3882D3.MAI    780  24.97.44.66    EHLO EHLO HCSM 250-{my domain name redacted} [24.97.44.66], this server offers 4 extensions 120  11   
06/09/14 19:24:52   SMTP-IN   D988485D57AB44A39EA5CC06E791E9B6.MAI    1080 24.97.44.66    EHLO EHLO HCSM 250-{my domain name redacted} [24.97.44.66], this server offers 4 extensions 120  11   
06/09/14 19:24:52   SMTP-IN   13D58A561F634F308C5FC8824F385A9B.MAI    768  24.97.44.66    EHLO EHLO HCSM 250-{my domain name redacted} [24.97.44.66], this server offers 4 extensions 120  11   
06/09/14 19:24:52   SMTP-IN   7DD7DDB4A61144CBBF51F1D8315B8E0D.MAI    712  24.97.44.66    EHLO EHLO HCSM 250-{my domain name redacted} [24.97.44.66], this server offers 4 extensions 120  11   
06/09/14 19:24:52   SMTP-IN   78300FA65ECE4FBBAC9292C8D4D7AA8B.MAI    936  24.97.44.66    AUTH {blank}   334 UGFzc3dvcmQ6    18   10   sales
06/09/14 19:24:52   SMTP-IN   779C985DE5964A6B8AE0CBB2338F7595.MAI    740  24.97.44.66    EHLO EHLO HCSM 250-{my domain name redacted} [24.97.44.66], this server offers 4 extensions 120  11   
06/09/14 19:24:52   SMTP-IN   78300FA65ECE4FBBAC9292C8D4D7AA8B.MAI    936  24.97.44.66    AUTH MTIzNDU2Nzg5   504 Invalid Username or Password   34   14   sales
06/09/14 19:24:52   SMTP-IN   484DD0396D98414CBCD51CD98BF11473.MAI    928  24.97.44.66    AUTH AUTH LOGIN     334 VXNlcm5hbWU6    18   12   
06/09/14 19:24:53   SMTP-IN   DA37C13191EB46628CE1FAFAC3701247.MAI    952  24.97.44.66              220 smtp.{my domain name redacted} ESMTP Service Ready   0    0    
06/09/14 19:24:53   SMTP-IN   484DD0396D98414CBCD51CD98BF11473.MAI    928  24.97.44.66    AUTH {blank}   334 UGFzc3dvcmQ6    18   10   sales
06/09/14 19:24:53   SMTP-IN   484DD0396D98414CBCD51CD98BF11473.MAI    928  24.97.44.66    AUTH MTIzNDU2Nzg=   504 Invalid Username or Password   34   14   sales
06/09/14 19:24:53   SMTP-IN   DA37C13191EB46628CE1FAFAC3701247.MAI    952  24.97.44.66    EHLO EHLO HCSM 250-{my domain name redacted} [24.97.44.66], this server offers 4 extensions 120  11   
06/09/14 19:24:53   SMTP-IN   FD7BBD8CA02042A5AE782CF43283634D.MAI    872  24.97.44.66              220 smtp.{my domain name redacted} ESMTP Service Ready   0    0    
06/09/14 19:24:53   SMTP-IN   477B150A3CC345CE80FDB79393038467.MAI    776  24.97.44.66    AUTH AUTH LOGIN     334 VXNlcm5hbWU6    18   12   
06/09/14 19:24:53   SMTP-IN   D988485D57AB44A39EA5CC06E791E9B6.MAI    1080 24.97.44.66    AUTH AUTH LOGIN     334 VXNlcm5hbWU6    18   12   
06/09/14 19:24:54   SMTP-IN   61E896C5079F441290298924FF64B4C5.MAI    824  24.97.44.66    AUTH AUTH LOGIN     334 VXNlcm5hbWU6    18   12   
06/09/14 19:24:54   SMTP-IN   13D58A561F634F308C5FC8824F385A9B.MAI    768  24.97.44.66    AUTH AUTH LOGIN     334 VXNlcm5hbWU6    18   12   
06/09/14 19:24:54   SMTP-IN   145CB2FEB8BF402DA8A5FB801E3882D3.MAI    780  24.97.44.66    AUTH AUTH LOGIN     334 VXNlcm5hbWU6    18   12   
06/09/14 19:24:54   SMTP-IN   477B150A3CC345CE80FDB79393038467.MAI    776  24.97.44.66    AUTH {blank}   334 UGFzc3dvcmQ6    18   10   sales
06/09/14 19:24:54   SMTP-IN   7DD7DDB4A61144CBBF51F1D8315B8E0D.MAI    712  24.97.44.66    AUTH AUTH LOGIN     334 VXNlcm5hbWU6    18   12   
06/09/14 19:24:54   SMTP-IN   6CF8E58874BA42DCAAA39B9144E4E7C8.MAI    980  24.97.44.66              220 smtp.{my domain name redacted} ESMTP Service Ready   0    0    
06/09/14 19:24:54   SMTP-IN   FD7BBD8CA02042A5AE782CF43283634D.MAI    872  24.97.44.66    EHLO EHLO HCSM 250-{my domain name redacted} [24.97.44.66], this server offers 4 extensions 120  11   
06/09/14 19:24:54   SMTP-IN   D988485D57AB44A39EA5CC06E791E9B6.MAI    1080 24.97.44.66    AUTH {blank}   334 UGFzc3dvcmQ6    18   10   sales
06/09/14 19:24:54   SMTP-IN   13D58A561F634F308C5FC8824F385A9B.MAI    768  24.97.44.66    AUTH {blank}   334 UGFzc3dvcmQ6    18   10   sales
06/09/14 19:24:54   SMTP-IN   61E896C5079F441290298924FF64B4C5.MAI    824  24.97.44.66    AUTH {blank}   334 UGFzc3dvcmQ6    18   10   sales
06/09/14 19:24:54   SMTP-IN   145CB2FEB8BF402DA8A5FB801E3882D3.MAI    780  24.97.44.66    AUTH {blank}   334 UGFzc3dvcmQ6    18   10   sales
06/09/14 19:24:54   SMTP-IN   C7E286BBECB44A75886528D3956191C9.MAI    1028 24.97.44.66              220 smtp.{my domain name redacted} ESMTP Service Ready   0    0    
06/09/14 19:24:54   SMTP-IN   477B150A3CC345CE80FDB79393038467.MAI    776  24.97.44.66    AUTH MTIzNA==  504 Invalid Username or Password   34   10   sales
06/09/14 19:24:54   SMTP-IN   7DD7DDB4A61144CBBF51F1D8315B8E0D.MAI    712  24.97.44.66    AUTH {blank}   334 UGFzc3dvcmQ6    18   10   sales
06/09/14 19:24:54   SMTP-IN   779C985DE5964A6B8AE0CBB2338F7595.MAI    740  24.97.44.66    AUTH AUTH LOGIN     334 VXNlcm5hbWU6    18   12   
06/09/14 19:24:54   SMTP-IN   D988485D57AB44A39EA5CC06E791E9B6.MAI    1080 24.97.44.66    AUTH MTIzNDU2  504 Invalid Username or Password   34   10   sales
06/09/14 19:24:54   SMTP-IN   4FA5FE8CAF5842D49980B2A49C6DF754.MAI    992  24.97.44.66              220 smtp.{my domain name redacted} ESMTP Service Ready   0    0    
06/09/14 19:24:54   SMTP-IN   13D58A561F634F308C5FC8824F385A9B.MAI    768  24.97.44.66    AUTH MTI= 504 Invalid Username or Password   34   6    sales
06/09/14 19:24:54   SMTP-IN   61E896C5079F441290298924FF64B4C5.MAI    824  24.97.44.66    AUTH MTIzNDU2Nw==   504 Invalid Username or Password   34   14   sales
06/09/14 19:24:54   SMTP-IN   145CB2FEB8BF402DA8A5FB801E3882D3.MAI    780  24.97.44.66    AUTH MTIzNDU=  504 Invalid Username or Password   34   10   sales
06/09/14 19:24:54   SMTP-IN   6CF8E58874BA42DCAAA39B9144E4E7C8.MAI    980  24.97.44.66    EHLO EHLO HCSM 250-{my domain name redacted} [24.97.44.66], this server offers 4 extensions 120  11   
06/09/14 19:24:54   SMTP-IN   F49A40585E7F4B9E8F3E304267405E34.MAI    1004 24.97.44.66              220 smtp.{my domain name redacted} ESMTP Service Ready   0    0    
06/09/14 19:24:55   SMTP-IN   4FA5FE8CAF5842D49980B2A49C6DF754.MAI    992  24.97.44.66    EHLO EHLO HCSM 250-{my domain name redacted} [24.97.44.66], this server offers 4 extensions 120  11   
06/09/14 19:24:55   SMTP-IN   DA37C13191EB46628CE1FAFAC3701247.MAI    952  24.97.44.66    AUTH AUTH LOGIN     334 VXNlcm5hbWU6    18   12   
06/09/14 19:24:55   SMTP-IN   9AB4A84D6B1F4ED39E1DAE0F318B07E5.MAI    1048 24.97.44.66              220 smtp.{my domain name redacted} ESMTP Service Ready   0    0    
06/09/14 19:24:55   SMTP-IN   C7E286BBECB44A75886528D3956191C9.MAI    1028 24.97.44.66    EHLO EHLO HCSM 250-{my domain name redacted} [24.97.44.66], this server offers 4 extensions 120  11   
06/09/14 19:24:55   SMTP-IN   7DD7DDB4A61144CBBF51F1D8315B8E0D.MAI    712  24.97.44.66    AUTH MTIz 504 Invalid Username or Password   34   6    sales
06/09/14 19:24:55   SMTP-IN   DA37C13191EB46628CE1FAFAC3701247.MAI    952  24.97.44.66    AUTH {blank}   334 UGFzc3dvcmQ6    18   10   sales
06/09/14 19:24:55   SMTP-IN   F49A40585E7F4B9E8F3E304267405E34.MAI    1004 24.97.44.66    EHLO EHLO HCSM 250-{my domain name redacted} [24.97.44.66], this server offers 4 extensions 120  11   
06/09/14 19:24:56   SMTP-IN   779C985DE5964A6B8AE0CBB2338F7595.MAI    740  24.97.44.66    AUTH {blank}   334 UGFzc3dvcmQ6    18   10   sales
06/09/14 19:24:56   SMTP-IN   9AB4A84D6B1F4ED39E1DAE0F318B07E5.MAI    1048 24.97.44.66    EHLO EHLO HCSM 250-{my domain name redacted} [24.97.44.66], this server offers 4 extensions 120  11   
06/09/14 19:24:56   SMTP-IN   DA37C13191EB46628CE1FAFAC3701247.MAI    952  24.97.44.66    AUTH MA== 504 Invalid Username or Password   34   6    sales
06/09/14 19:24:56   SMTP-IN   25950676306F4D79A9834E1874BE2829.MAI    1012 24.97.44.66              220 smtp.{my domain name redacted} ESMTP Service Ready   0    0    
06/09/14 19:24:56   SMTP-IN   6CF8E58874BA42DCAAA39B9144E4E7C8.MAI    980  24.97.44.66    AUTH AUTH LOGIN     334 VXNlcm5hbWU6    18   12   
06/09/14 19:24:56   SMTP-IN   4FA5FE8CAF5842D49980B2A49C6DF754.MAI    992  24.97.44.66    AUTH AUTH LOGIN     334 VXNlcm5hbWU6    18   12   
06/09/14 19:24:56   SMTP-IN   6CF8E58874BA42DCAAA39B9144E4E7C8.MAI    980  24.97.44.66    AUTH {blank}   334 UGFzc3dvcmQ6    18   10   sales
06/09/14 19:24:56   SMTP-IN   779C985DE5964A6B8AE0CBB2338F7595.MAI    740  24.97.44.66    AUTH MQ== 504 Invalid Username or Password   34   6    sales
06/09/14 19:24:56   SMTP-IN   7A487B8FB06D4563BB284AEFEC224802.MAI    612  24.97.44.66              220 smtp.{my domain name redacted} ESMTP Service Ready   0    0    
06/09/14 19:24:57   SMTP-IN   4FA5FE8CAF5842D49980B2A49C6DF754.MAI    992  24.97.44.66    AUTH {blank}   334 UGFzc3dvcmQ6    18   10   sales
06/09/14 19:24:57   SMTP-IN   6CF8E58874BA42DCAAA39B9144E4E7C8.MAI    980  24.97.44.66    AUTH QGRtaW4=  504 Invalid Username or Password   34   10   sales
06/09/14 19:24:57   SMTP-IN   8AE3FB48B05A47029779F7F0616214B7.MAI    184  24.97.44.66              220 smtp.{my domain name redacted} ESMTP Service Ready   0    0    
06/09/14 19:24:57   SMTP-IN   25950676306F4D79A9834E1874BE2829.MAI    1012 24.97.44.66    EHLO EHLO HCSM 250-{my domain name redacted} [24.97.44.66], this server offers 4 extensions 120  11   
06/09/14 19:24:57   SMTP-IN   D12444D8E8174BABA72951F25C489B4D.MAI    1052 24.97.44.66              220 smtp.{my domain name redacted} ESMTP Service Ready   0    0    
06/09/14 19:24:57   SMTP-IN   4FA5FE8CAF5842D49980B2A49C6DF754.MAI    992  24.97.44.66    AUTH UEBzcw==  504 Invalid Username or Password   34   10   sales
06/09/14 19:24:57   SMTP-IN   7A487B8FB06D4563BB284AEFEC224802.MAI    612  24.97.44.66    EHLO EHLO HCSM 250-{my domain name redacted} [24.97.44.66], this server offers 4 extensions 120  11   
06/09/14 19:24:57   SMTP-IN   4381E239AEC242209E0B27CC880FB355.MAI    860  24.97.44.66              220 smtp.{my domain name redacted} ESMTP Service Ready   0    0    
06/09/14 19:24:57   SMTP-IN   8AE3FB48B05A47029779F7F0616214B7.MAI    184  24.97.44.66    EHLO EHLO HCSM 250-{my domain name redacted} [24.97.44.66], this server offers 4 extensions 120  11   
06/09/14 19:24:57   SMTP-IN   7F9FDB1683174DF7860C28E1B8543846.MAI    900  24.97.44.66              220 smtp.{my domain name redacted} ESMTP Service Ready   0    0    
06/09/14 19:24:57   SMTP-IN   9AB4A84D6B1F4ED39E1DAE0F318B07E5.MAI    1048 24.97.44.66    AUTH AUTH LOGIN     334 VXNlcm5hbWU6    18   12   
06/09/14 19:24:57   SMTP-IN   FD7BBD8CA02042A5AE782CF43283634D.MAI    872  24.97.44.66    AUTH AUTH LOGIN     334 VXNlcm5hbWU6    18   12   
06/09/14 19:24:57   SMTP-IN   D12444D8E8174BABA72951F25C489B4D.MAI    1052 24.97.44.66    EHLO EHLO HCSM 250-{my domain name redacted} [24.97.44.66], this server offers 4 extensions 120  11   
06/09/14 19:24:58   SMTP-IN   9AB4A84D6B1F4ED39E1DAE0F318B07E5.MAI    1048 24.97.44.66    AUTH {blank}   334 UGFzc3dvcmQ6    18   10   sales
06/09/14 19:24:58   SMTP-IN   FD7BBD8CA02042A5AE782CF43283634D.MAI    872  24.97.44.66    AUTH {blank}   334 UGFzc3dvcmQ6    18   10   sales
06/09/14 19:24:58   SMTP-IN   4381E239AEC242209E0B27CC880FB355.MAI    860  24.97.44.66    EHLO EHLO HCSM 250-{my domain name redacted} [24.97.44.66], this server offers 4 extensions 120  11   
06/09/14 19:24:58   SMTP-IN   8A1233EB9749404BACA332130180F993.MAI    796  24.97.44.66              220 smtp.{my domain name redacted} ESMTP Service Ready   0    0    
06/09/14 19:24:58   SMTP-IN   B053041B909E47FEB6FD58EE82B1FE53.MAI    740  24.97.44.66              220 smtp.{my domain name redacted} ESMTP Service Ready   0    0    
06/09/14 19:24:58   SMTP-IN   C7E286BBECB44A75886528D3956191C9.MAI    1028 24.97.44.66    AUTH AUTH LOGIN     334 VXNlcm5hbWU6    18   12   
06/09/14 19:24:58   SMTP-IN   F49A40585E7F4B9E8F3E304267405E34.MAI    1004 24.97.44.66    AUTH AUTH LOGIN     334 VXNlcm5hbWU6    18   12   
06/09/14 19:24:58   SMTP-IN   7F9FDB1683174DF7860C28E1B8543846.MAI    900  24.97.44.66    EHLO EHLO HCSM 250-{my domain name redacted} [24.97.44.66], this server offers 4 extensions 120  11   
06/09/14 19:24:58   SMTP-IN   9AB4A84D6B1F4ED39E1DAE0F318B07E5.MAI    1048 24.97.44.66    AUTH Z29k 504 Invalid Username or Password   34   6    sales
06/09/14 19:24:58   SMTP-IN   DFF488A3AAF744068D89B952BD18F1CE.MAI    832  24.97.44.66              220 smtp.{my domain name redacted} ESMTP Service Ready   0    0    
06/09/14 19:24:58   SMTP-IN   FD7BBD8CA02042A5AE782CF43283634D.MAI    872  24.97.44.66    AUTH MTExMTEx  504 Invalid Username or Password   34   10   sales
06/09/14 19:24:58   SMTP-IN   C7E286BBECB44A75886528D3956191C9.MAI    1028 24.97.44.66    AUTH {blank}   334 UGFzc3dvcmQ6    18   10   sales
06/09/14 19:24:58   SMTP-IN   F49A40585E7F4B9E8F3E304267405E34.MAI    1004 24.97.44.66    AUTH {blank}   334 UGFzc3dvcmQ6    18   10   sales
06/09/14 19:24:58   SMTP-IN   8A1233EB9749404BACA332130180F993.MAI    796  24.97.44.66    EHLO EHLO HCSM 250-{my domain name redacted} [24.97.44.66], this server offers 4 extensions 120  11   
06/09/14 19:24:58   SMTP-IN   B053041B909E47FEB6FD58EE82B1FE53.MAI    740  24.97.44.66    EHLO EHLO HCSM 250-{my domain name redacted} [24.97.44.66], this server offers 4 extensions 120  11
That represents three days of stolen bandwidth, massive log files, and mail server denial of service for local users (too many simultaneous connections).
Top
Post Reply

Return to “Suggestions”