Could well be a Netscape user; the version before the current one, with patches, would improperly try to do AUTH if it saw that tag in response to the EHLO command.
----- Original Message ----- From: <[EMAIL PROTECTED]> To: "Exchange Discussions" <[EMAIL PROTECTED]> Sent: Thursday, October 03, 2002 9:04 AM Subject: IMC Error - Again > I'm reposting this again, being pushed here to find an answer for it. > > Does this error seem to suggest that someone is trying to get into our smtp > server? This is no evenid listed for this one. > > > Severity: Error > Status: New > Source: MSExchangeIMC > Name: Authentication attempt (AUTH %1) from %2 failed: %3() call failed > with error: %4 > Description: Authentication attempt (AUTH ntlm) from 128.134.25.180 failed: > HrAccept() call failed with error: Logon failure: unknown user name or bad > password. > > Domain: BLAIRNET > Agent: EXCHSMTP1 > Time: 10/03/2002 01:53:45 > Owner: > (view with > http://MOMSRV/OnePointOperations/PropertySheet.asp?database=MOMSRV&target={4 > 35762EC-BAA2-4DA8-867F-5122101127FD}&t=alert) > > > Thanks, > > Dot Harris > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]