Multiple login attempts from this and other 14.208.***.*** IP's see mail log below: Oct 18 10:10:31 ns1 postfix/smtpd[30722]: connect from unknown[14.208.71.130] Oct 18 10:10:32 ns1 postfix/smtpd[23383]: connect from unknown[14.208.71.130] Oct 18 10:10:35 ns1 postfix/smtpd[30722]: warning: unknown[14.208.71.130]: SASL LOGIN authentication failed: authentication failure Oct 18 10:10:36 ns1 postfix/smtpd[30722]: lost connection after AUTH from unknown[14.208.71.130] Oct 18 10:10:36 ns1 postfix/smtpd[30722]: disconnect from unknown[14.208.71.130] Oct 18 10:10:37 ns1 postfix/smtpd[23383]: warning: unknown[14.208.71.130]: SASL LOGIN authentication failed: authentication failure Oct 18 10:10:37 ns1 postfix/smtpd[23383]: lost connection after AUTH from unknown[14.208.71.130] Oct 18 10:10:37 ns1 postfix/smtpd[23383]: disconnect from unknown[14.208.71.130] Oct 18 10:11:22 ns1 postfix/smtpd[23371]: connect from unknown[14.208.71.130] Oct 18 10:11:24 ns1 postfix/smtpd[30730]: connect from unknown[14.208.71.130] Oct 18 10:11:25 ns1 postfix/smtpd[23371]: warning: unknown[14.208.71.130]: SASL LOGIN authentication failed: authentication failure Oct 18 10:11:26 ns1 postfix/smtpd[23371]: lost connection after AUTH from unknown[14.208.71.130] Oct 18 10:11:26 ns1 postfix/smtpd[23371]: disconnect from unknown[14.208.71.130] Oct 18 10:11:32 ns1 postfix/smtpd[30730]: warning: unknown[14.208.71.130]: SASL LOGIN authentication failed: authentication failure Oct 18 10:11:35 ns1 postfix/smtpd[30730]: lost connection after AUTH from unknown[14.208.71.130] Oct 18 10:11:35 ns1 postfix/smtpd[30730]: disconnect from unknown[14.208.71.130] I am using fail2ban to ban these IP's but the people responsible keep changing IP
Please help us keep Internet safer and cleaner by leaving a descriptive comment about 14.208.71.130 IP address
- Hacked Gmail accounts
- WordPress Hacking Attempts
- SSH Hacking Attempts
- Why Can't I See The Exact Address?
DNSBL* - is a list of IP addresses published through the Internet Domain Name Service (DNS) either as a zone file that can be used by DNS server software, or as a live DNS zone that can be queried in real-time. DNSBLs are most often used to publish the addresses of computers or networks linked to spamming; most mail server software can be configured to reject or flag messages which have been sent from a site listed on one or more such lists.
WHOIS** - is a query/response protocol that is widely used for querying databases in order to determine the registrant or assignee of Internet resources, such as a domain name, an IP address block, or an autonomous system number. WHOIS lookups were traditionally performed with a command line interface application, and network administrators predominantly still use this method, but many simplified web-based tools exist. WHOIS services are typically communicated using the Transmission Control Protocol (TCP). Servers listen to requests on the well-known port number 43.
** Approximate Geographic Location - This is NOT the exact geographical location of the person/organization with the given IP address. However, this should still give you a good idea about the area/region where this person/orgranization is located.