thanks for the updates!
Marcus
users@sogo.nu (mj), 2018.11.10 (Sat) 12:20 (CET):
> A last update:
>
> Inverse has changed this situation is logged to a more meaningful message.
> See this commit:
>
> https://github.com/inverse-inc/sogo/commit/8734ee74861f8ec0498d78a1a39c3d1f1718df4d
>
> MJ
>
A last update:
Inverse has changed this situation is logged to a more meaningful
message. See this commit:
https://github.com/inverse-inc/sogo/commit/8734ee74861f8ec0498d78a1a39c3d1f1718df4d
MJ
On 11/9/18 5:47 PM, mj (li...@merit.unu.edu) wrote:
An update on this, for the archives.
SOGo su
An update on this, for the archives.
SOGo support is telling me:
If the IP addresses are legit, it them means their session has expired.
So the entires in both memcached/the database for the user session are gone,
while the user tries to use it again.
There's nothing to worry about, it just
Hi Christian,
Thanks.
On 5-11-2018 10:34, Christian Mack (christian.m...@uni-konstanz.de) wrote:
We still see those entries and had never problems with them.
I guess you are also using something (like apache) in front of sogo.
Have you also checked the apache logs, to see if you can find a
Hi
We do not use SAML for SOGo.
We do use Shibboleth for our Website though.
But I do not think that is related.
We still see those entries and had never problems with them.
Kind regards,
Christian Mack
Am 02.11.18 um 19:17 schrieb mj (li...@merit.unu.edu):
> Hi Christian,
>
> Thanks for taki
Hi Christian,
Thanks for taking the time to repy. Inverse is suggesting that they
might perhaps be timed-out SAML sessions. (we have been trying sogo with
SAML auth in a test setup)
Are you by any chance also using saml auth? (or have you been using it?)
Reassuring that you see them as well,
Hi
We also get those several dozen times a day.
They are normal.
A friend of mine hinted, that these are access checks from the great
chinese firewall.
Kind regards,
Christian Mack
Am 01.11.18 um 13:43 schrieb mj (li...@merit.unu.edu):
> Hi Marcus,
>
> Thanks very much for your reply. We have
Hi Marcus,
Thanks very much for your reply. We have apache in front of sogo, and as
fas as I can see, apache is logging nothing special at the time of these
authentication attempts.
We had 5 of these auth attempts this morning at 06:01. Here are some
more (probably too many) logs from sogo,
users@sogo.nu (mj), 2018.10.31 (Wed) 15:16 (CET):
> We have noticed lines like the following in our sogo logs:
> > Wed Oct 31 12:33:06 CET 2018 Oct 31 12:33:06 sogod [25987]:
> > <0x0x55e5d005b120[SOGoWebAuthenticator]> tried wrong password for
> > user
> > '+xIpPJifKpSoK0Yez1t6b3G/5wmx7uWGx7RbDKRo
Hi,
We have noticed lines like the following in our sogo logs:
Wed Oct 31 12:22:22 CET 2018 Oct 31 12:22:22 sogod [25985]:
<0x0x55e5d01df1a0[SOGoWebAuthenticator]> tried wrong password for user
'XBlOMdQZDvM5f86H7iBtmUiCFCxPrvGxVW25E3BHqzga7DU7Kh62fRJ/8hRQ/lwJvJlnygErqla35o8qv3DADhZ85cVGzJIXy+
10 matches
Mail list logo