I've seen this error now a few times, with no regularity on my mail server. I'm wondering what it is, and should I be alarmed. "1/17 02:04:58p 2820 !SMTP UNSUPPORTED COMMAND: 'STARTTLS'" Below is the log.
I've seen this error now a few times, with no regularity on my mail server. I'm wondering what it is, and should I be alarmed. "1/17 02:04:58p 2820 !SMTP UNSUPPORTED COMMAND: 'STARTTLS'" Below is the log.
I've seen this error now a few times, with no regularity on my mail server. I'm wondering what it is, and should I be alarmed. "1/17 02:04:58p 2820 !SMTP UNSUPPORTED COMMAND: 'STARTTLS'" Below is the log.
1/17 02:04:57p 2820 SMTP Session thread started
1/17 02:04:57p 2820 SMTP Connection accepted on port 587 from: 141.212.122.208 port 8828
1/17 02:04:57p 2820 SMTP Hostname: researchscan463.eecs.umich.edu
1/17 02:04:57p 2820 SMTP DNSBL Query: 208.122.212.141.sbl.spamhaus.org 1/17 02:04:57p 2820 SMTP DNSBL Query: 208.122.212.141.bl.spamcop.net
1/17 02:04:58p 2820 SMTP DNSBL Query:
208.122.212.141.spam.dnsbl.sorbs.net
1/17 02:04:58p 2820 SMTP Session ID=1c74b043b622a26c0f9
1/17 02:04:58p 2820 SMTP RX: EHLO eecs.umich.edu
1/17 02:04:58p 2820 SMTP RX: STARTTLS
1/17 02:04:58p 2820 !SMTP UNSUPPORTED COMMAND: 'STARTTLS'
1/17 02:04:58p 2820 Socket closed by peer on receive
1/17 02:04:58p 2820 SMTP Session thread terminated (2 threads remain, 23 clients served)
I've seen this error now a few times, with no regularity on my mail
server. I'm wondering what it is, and should I be alarmed. "1/17
02:04:58p 2820 !SMTP UNSUPPORTED COMMAND: 'STARTTLS'" Below is the
log.
I've seen that too. TLS is a secure type of connection, and it looks like a client trying to initiate a TLS connection which the Synchronet mail server doesn't support. Personally I haven't been worried about it. It seems similar to bots trying to log on to the telnet server as 'root' when there is no root user (they aren't going to get in).
I've seen this error now a few times, with no regularity on my mail
server. I'm wondering what it is, and should I be alarmed. "1/17
02:04:58p 2820 !SMTP UNSUPPORTED COMMAND: 'STARTTLS'" Below is the
log.
Nothing to be alarmed about. Something is trying to perform an encrypted SMTP (send mail) session, which we don't support.
1/17 02:04:58p 2820 !SMTP UNSUPPORTED COMMAND: 'STARTTLS'
I have seen this over here on my system and ti is coming from the University of Michigan here in Michigan. I just went into my host.can and put in there *.umich.edu and it has stopped. It is some kind of bot or port scanner coming from there and by adding that to your host.can it will stop it.
I've seen this error now a few times, with no regularity on my mailserver.
I'm wondering what it is, and should I be alarmed. "1/17 02:04:58p 2820 !SMTP UNSUPPORTED COMMAND: 'STARTTLS'" Below is the log.
1/17 02:04:57p 2820 SMTP Session thread started
1/17 02:04:57p 2820 SMTP Connection accepted on port 587 from: 141.212.122.208 port 8828
1/17 02:04:57p 2820 SMTP Hostname: researchscan463.eecs.umich.edu
I have seen this over here on my system and ti is coming from the University M>Michigan here in Michigan. I just went into my host.can and put in there M>*.umich.edu and it has stopped. It is some kind of bot or port scanner coming M>from there and by adding that to your host.can it will stop it.
they're trying to start a secure connection... sbbs apparently doesn't support it OR you don't have it configured to...
1/17 02:04:57p 2820 SMTP Session thread started
1/17 02:04:57p 2820 SMTP Connection accepted on port 587 from:
141.212.122.208 port 8828
1/17 02:04:57p 2820 SMTP Hostname: researchscan463.eecs.umich.edu
the domain is accurate... that's a university of michigan IP and they're know to scan and attempt brute force stuffs... they've been caught in several honeypots... it may be legit research as the hostname indicates... i don't know...
Sysop: | MCMLXXIX |
---|---|
Location: | Prospect, CT |
Users: | 325 |
Nodes: | 10 (0 / 10) |
Uptime: | 07:11:26 |
Calls: | 510 |
Messages: | 220571 |