Updating to the latest release will add an ip address to that log entry.
Failing that you'd need to grep mail.log for -1292375152: to find the ip
address but that will only work for a recent one.
A wiser option is probably to ensure you have set:
This will automatically lockout ip addresses that keep trying to guess
passwords, don't set it too low!!!, and if your users all connect via
a common ip address/gateway then don't use it of course :-)
On 9/17/2015 1:45 AM, surgemailHIDDEN@etwinsite.com wrote:
> i've started getting a lot of attempted imap logins which show up in
> 16 08:01:29.00:-1292375152: imap:HIDDEN@m password wrong or not a
> valid user
> address has been obfuscated above, but it is not a valid user in the
> domain, which IS valid.
> since this is happening repeatedly with the same credentials, i like
> to find the originating ip address of these attempts so i can block
> them using iptables.
> where might i find this info?
> david camm
> advanced web systems
> keller, tx
Last Message | Next Message
Site Map |
Contact Netwin |
POP3 Mail Server |
Linux Webmail |
UnInstall instructions for all products
Copyright © 2017 Netwin Ltd. All rights reserved.