Looks rather like a scanning attack (finding vulnerabilities). I think they are 
trying to do a SSL type of attack like HEARTBLEED but your server isn't 
Looks also like they are sending HTTP requests (encapsulated in SSL/TLS) to a 
mail server, which seems to be a extremely stupid bot scanner.

Its clear from the log, the attacker isn't even attemping to authenticate (0 
attempts). The attacker hasn't propably not even realized he is connecting to a 
mail server.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Reply via email to