|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
large amounts of disconnects
From: Roman Novak - roman.novak
iskrasistemi.si (roman.novakiskrasistemi.si)
Date: Mon Jan 01 2007 - 06:34:36 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hello.
In last 2 weeks i am noticing enormous amounts of strange connections
to mail server from all over the world. An example from logs:
Jan 1 13:09:03 mercury postfix/smtpd[22974]: connect from
157.Red-81-33-236.dynamicIP.rima-tde.net[81.33.236.157]
Jan 1 13:09:03 mercury postfix/smtpd[22974]: lost connection after EHLO
from 157.Red-81-33-236.dynamicIP.rima-tde.net[81.33.236.157]
Jan 1 13:09:03 mercury postfix/smtpd[22974]: disconnect from
157.Red-81-33-236.dynamicIP.rima-tde.net[81.33.236.157]
Transcript of session follows.
Out: 220 mercury.mydomain.net ESMTP something
In: EHLO
Out: 501 Syntax: EHLO hostname
Session aborted, reason: lost connection
Right now it is just filling my logs, but the amount is 2-3 times larger
than normal volume of spam probes.
Is anybody else getting this?
Is this some new spam/malware going around and probing mail servers or
can this be some mis-configuration or performance problem?
Regards,
Roman
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]