hallo
bin gerade dabei noch sachen zu verstellen an meinem server und schaue dabei so in die log Dateien uns sehe wie scheinbar irgend jemand versucht was mit meinem mail server zu veranstalten.
ist das normal? ich schaue nicht ständig in die logs, aber so was ist mir bis jetzt noch nicht aufgefallen.
whois gibt mir das dazu aus:
will da so nen chinamann spam über meinen server versenden?
wird er aber nicht hin bekommen.
Gruß
Matthias
bin gerade dabei noch sachen zu verstellen an meinem server und schaue dabei so in die log Dateien uns sehe wie scheinbar irgend jemand versucht was mit meinem mail server zu veranstalten.
Code:
Jun 2 16:24:43 mac-server dovecot[7307]: auth(default): od[getpwnam_ext](roger,211.160.19.250): No record for user
Jun 2 16:24:43 mac-server dovecot[7307]: auth(default): od(roger,211.160.19.250): lookup failed for user: roger
Jun 2 16:24:46 mac-server dovecot[7307]: auth(default): od[getpwnam_ext](helen,211.160.19.250): No record for user
Jun 2 16:24:46 mac-server dovecot[7307]: auth(default): od(helen,211.160.19.250): lookup failed for user: helen
Jun 2 16:24:50 mac-server dovecot[7307]: auth(default): od[getpwnam_ext](bill,211.160.19.250): No record for user
Jun 2 16:24:50 mac-server dovecot[7307]: auth(default): od(bill,211.160.19.250): lookup failed for user: bill
Jun 2 16:24:53 mac-server dovecot[7307]: auth(default): od[getpwnam_ext](tamara,211.160.19.250): No record for user
Jun 2 16:24:53 mac-server dovecot[7307]: auth(default): od(tamara,211.160.19.250): lookup failed for user: tamara
Jun 2 16:24:56 mac-server dovecot[7307]: auth(default): od[getpwnam_ext](football,211.160.19.250): No record for user
Jun 2 16:24:56 mac-server dovecot[7307]: auth(default): od(football,211.160.19.250): lookup failed for user: football
Jun 2 16:24:59 mac-server dovecot[7307]: auth(default): od[getpwnam_ext](edward,211.160.19.250): No record for user
Jun 2 16:24:59 mac-server dovecot[7307]: auth(default): od(edward,211.160.19.250): lookup failed for user: edward
Jun 2 16:25:02 mac-server dovecot[7307]: auth(default): od[getpwnam_ext](open,211.160.19.250): No record for user
Jun 2 16:25:02 mac-server dovecot[7307]: auth(default): od(open,211.160.19.250): lookup failed for user: open
Jun 2 16:25:05 mac-server dovecot[7307]: auth(default): od[getpwnam_ext](soleil,211.160.19.250): No record for user
Jun 2 16:25:05 mac-server dovecot[7307]: auth(default): od(soleil,211.160.19.250): lookup failed for user: soleil
Jun 2 16:25:08 mac-server dovecot[7307]: auth(default): od[getpwnam_ext](phil,211.160.19.250): No record for user
Jun 2 16:25:08 mac-server dovecot[7307]: auth(default): od(phil,211.160.19.250): lookup failed for user: phil
Jun 2 16:25:11 mac-server dovecot[7307]: auth(default): od[getpwnam_ext](marie,211.160.19.250): No record for user
Jun 2 16:25:11 mac-server dovecot[7307]: auth(default): od(marie,211.160.19.250): lookup failed for user: marie
Jun 2 16:25:14 mac-server dovecot[7307]: auth(default): od[getpwnam_ext](online,211.160.19.250): No record for user
Jun 2 16:25:14 mac-server dovecot[7307]: auth(default): od(online,211.160.19.250): lookup failed for user: online
Jun 2 16:25:17 mac-server dovecot[7307]: auth(default): od[getpwnam_ext](anna,211.160.19.250): No record for user
Jun 2 16:25:17 mac-server dovecot[7307]: auth(default): od(anna,211.160.19.250): lookup failed for user: anna
Jun 2 16:25:20 mac-server dovecot[7307]: auth(default): od[getpwnam_ext](paris,211.160.19.250): No record for user
Jun 2 16:25:20 mac-server dovecot[7307]: auth(default): od(paris,211.160.19.250): lookup failed for user: paris
Jun 2 16:25:23 mac-server dovecot[7307]: auth(default): od[getpwnam_ext](training,211.160.19.250): No record for user
Jun 2 16:25:23 mac-server dovecot[7307]: auth(default): od(training,211.160.19.250): lookup failed for user: training
Jun 2 16:25:26 mac-server dovecot[7307]: auth(default): od[getpwnam_ext](canon,211.160.19.250): No record for user
Jun 2 16:25:26 mac-server dovecot[7307]: auth(default): od(canon,211.160.19.250): lookup failed for user: canon
Jun 2 16:25:29 mac-server dovecot[7307]: auth(default): od[getpwnam_ext](caroline,211.160.19.250): No record for user
Jun 2 16:25:29 mac-server dovecot[7307]: auth(default): od(caroline,211.160.19.250): lookup failed for user: caroline
Jun 2 16:25:32 mac-server dovecot[7307]: auth(default): od[getpwnam_ext](delta,211.160.19.250): No record for user
Jun 2 16:25:32 mac-server dovecot[7307]: auth(default): od(delta,211.160.19.250): lookup failed for user: delta
Jun 2 16:25:35 mac-server dovecot[7307]: auth(default): od[getpwnam_ext](mercedes,211.160.19.250): No record for user
Jun 2 16:25:35 mac-server dovecot[7307]: auth(default): od(mercedes,211.160.19.250): lookup failed for user: mercedes
Jun 2 16:25:38 mac-server dovecot[7307]: auth(default): od[getpwnam_ext](papa,211.160.19.250): No record for user
Jun 2 16:25:38 mac-server dovecot[7307]: auth(default): od(papa,211.160.19.250): lookup failed for user: papa
Jun 2 16:25:44 mac-server dovecot[7307]: auth(default): od[getpwnam_ext](cesar,211.160.19.250): No record for user
Jun 2 16:25:44 mac-server dovecot[7307]: auth(default): od(cesar,211.160.19.250): lookup failed for user: cesar
Jun 2 16:25:47 mac-server dovecot[7307]: auth(default): od[getpwnam_ext](perry,211.160.19.250): No record for user
Jun 2 16:25:47 mac-server dovecot[7307]: auth(default): od(perry,211.160.19.250): lookup failed for user: perry
Jun 2 16:25:51 mac-server dovecot[7307]: auth(default): od[getpwnam_ext](christ,211.160.19.250): No record for user
Jun 2 16:25:51 mac-server dovecot[7307]: auth(default): od(christ,211.160.19.250): lookup failed for user: christ
Jun 2 16:25:54 mac-server dovecot[7307]: auth(default): od[getpwnam_ext](mike,211.160.19.250): No record for user
Jun 2 16:25:54 mac-server dovecot[7307]: auth(default): od(mike,211.160.19.250): lookup failed for user: mike
Jun 2 16:25:57 mac-server dovecot[7307]: auth(default): od[getpwnam_ext](linda,211.160.19.250): No record for user
Jun 2 16:25:57 mac-server dovecot[7307]: auth(default): od(linda,211.160.19.250): lookup failed for user: linda
Jun 2 16:26:00 mac-server dovecot[7307]: auth(default): od[getpwnam_ext](boss,211.160.19.250): No record for user
Jun 2 16:26:00 mac-server dovecot[7307]: auth(default): od(boss,211.160.19.250): lookup failed for user: boss
Jun 2 16:26:03 mac-server dovecot[7307]: auth(default): od[getpwnam_ext](demo,211.160.19.250): No record for user
Jun 2 16:26:03 mac-server dovecot[7307]: auth(default): od(demo,211.160.19.250): lookup failed for user: demo
Jun 2 16:26:06 mac-server dovecot[7307]: auth(default): od[getpwnam_ext](dolphin,211.160.19.250): No record for user
Jun 2 16:26:06 mac-server dovecot[7307]: auth(default): od(dolphin,211.160.19.250): lookup failed for user: dolphin
Jun 2 16:26:09 mac-server dovecot[7307]: auth(default): od[getpwnam_ext](eric,211.160.19.250): No record for user
Jun 2 16:26:09 mac-server dovecot[7307]: auth(default): od(eric,211.160.19.250): lookup failed for user: eric
Jun 2 16:26:12 mac-server dovecot[7307]: auth(default): od[getpwnam_ext](albert,211.160.19.250): No record for user
Jun 2 16:26:12 mac-server dovecot[7307]: auth(default): od(albert,211.160.19.250): lookup failed for user: albert
ist das normal? ich schaue nicht ständig in die logs, aber so was ist mir bis jetzt noch nicht aufgefallen.
whois gibt mir das dazu aus:
Code:
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net node-3]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
inetnum: 211.160.0.0 - 211.160.255.255
netname: FibrLINK
descr: FibrLINK Communications Co., Ltd.
descr: 28th Floor, Times Fortune Building,
descr: No. 1 Hang Feng Road , Fengtai,District,BJ,CHINA
country: CN
admin-c: YW763-AP
tech-c: ZS110-AP
mnt-by: MAINT-CNNIC-AP
mnt-lower: MAINT-CNNIC-AP
mnt-routes: MAINT-CNNIC-AP
status: ALLOCATED PORTABLE
remarks: abuse and attack reports sent to abuse@fibrlink.com
changed: ipas@cnnic.cn 20081111
source: APNIC
route: 211.160.0.0/16
descr: FibrLINK
descr: Beijing FibrLINK Networks Co.,Ltd.
country: CN
origin: AS9814
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.net.cn 20040213
source: APNIC
person: Yan Wu
nic-hdl: YW763-AP
address: No.10 Building,2nd Floor,3rd Block, Anzhen Xili
address: Chaoyang District, Beijing
country: CN
phone: +86-10-51961123
fax-no: +86-10-64422237
e-mail: yan.wu@fibrlink.com
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.cn 20081111
source: APNIC
person: Zheng Shengjun
nic-hdl: ZS110-AP
address: No.10 Building,2nd Floor,3rd Block, Anzhen Xili
address: Chaoyang District, Beijing
country: CN
phone: +86-10-51961071
fax-no: +86-10-64422237
e-mail: shengjun.zheng@fibrlink.com
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.net.cn 20070306
source: APNIC
will da so nen chinamann spam über meinen server versenden?
wird er aber nicht hin bekommen.
Gruß
Matthias