Public bug reported:
This may not be a bug but it is a failure.
400 rejects+ in 1 day counted. Others are blocked.
Working system but not blocking this attacker.
It seems he is trying to do a relay and is being rebuffed but keeps trying.
One of 600 plus log entries:
---------------------------------------
Apr 24 08:11:51 suzi3 postfix/smtpd[6255]: connect from
sender217.zohocrm.com[74.201.84.217]
Apr 24 08:11:51 suzi3 postfix/smtpd[6255]: NOQUEUE: reject: RCPT from
sender217.zohocrm.com[74.201.84.217]: 454 4.7.1 <[email protected]>:
Relay access denied;
from=<[email protected]>
to=<[email protected]> proto=ESMTP helo=<sender217.zohocrm.com>
---------------------------------------
It also looks like “zohocrm.com” may try this worldwide.
I blocked him at my Cisco firewall, which counts the attack, 24 more in the
last hour.
Thank you
James Duhl
[email protected]
** Affects: fail2ban (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574968
Title:
400 rejects in 1 day not counted. Others do work.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/fail2ban/+bug/1574968/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
