(Slightly off-topic, please forgive me and/or direct me to the proper forum.)
On our POP3 server (Qpopper 4.0.3, 20,000+ accounts and 250,000+ accesses per day) we have seen probes since day 1 but nowadays we observe an insane amount of POP3 login attempts using the (non-existing) "aaaaaaaaa" user name (9 "a"s). Our site has already seen more than 10,000 connection attempts to "aaaaaaaaa" from midnight till 3 pm and they're really coming from all over the globe. I'll start systematically shutting those addresses out using TCP wrappers. I'd appreciate if a couple of large POP3 server managers check their logfiles and tell me whether they're also experiencing this phenomenon. Thx, Eric Luyten, Computing Centre VUB/ULB.
