Sujet : Re: 83.222.190.50 from Sopot, Bulgaria using braindead hacking software
De : noc (at) *nospam* inter-corporate.com (Randolf Richardson 張文道)
Groupes : news.admin.net-abuse.emailDate : 30. Aug 2024, 04:47:27
Autres entêtes
Organisation : Inter-Corporate Computer & Network Services, Inc. -- Simplifying complexity
Message-ID : <20240829204727.5ce8941afc2f69431d6a6e5e@inter-corporate.com>
References : 1 2
User-Agent : Sylpheed 3.7.0 (GTK+ 2.24.33; x86_64-pc-linux-gnu)
On Thu, 29 Aug 2024 18:06:54 -0000 (UTC)
Edward McGuire <
metaed@metaed.com> wrote:
On 2024-08-29, Randolf Richardson 張文道 <noc@inter-corporate.com> wrote:
I'm seeing a lot of hacking attempts from 83.222.190.50 [...] I recommend
permanently blocking this IP address
My mail server autoblocked this address 45 days ago. The log has recycled since
They're probably focusing on one or a small number of target
mail servers at a time. I wonder if they have concerns about
resource limits or if they're just paranoid about attracting
too much attention.
then so I can't say exactly what rule snagged it. Generally it's something like
"SASL authentication failed".
I'd say it's very likely as you suspect. That's what we saw.
-- Randolf Richardson 張文道, CNA - noc@inter-corporate.comInter-Corporate Computer & Network Services, Inc.Beautiful British Columbia, Canadahttps://www.inter-corporate.com/