I've seen this error now a few times, with no regularity on my mail server. I'm wondering what it is, and should I be alarmed. "1/17 02:04:58p 2820 !SMTP UNSUPPORTED COMMAND: 'STARTTLS'" Below is the log.

1/17 02:04:57p 2820 SMTP Session thread started
1/17 02:04:57p 2820 SMTP Connection accepted on port 587 from: 141.212.122.208 port 8828
1/17 02:04:57p 2820 SMTP Hostname: researchscan463.eecs.umich.edu
1/17 02:04:57p 2820 SMTP DNSBL Query: 208.122.212.141.sbl.spamhaus.org
1/17 02:04:57p 2820 SMTP DNSBL Query: 208.122.212.141.bl.spamcop.net
1/17 02:04:58p 2820 SMTP DNSBL Query: 208.122.212.141.spam.dnsbl.sorbs.net
1/17 02:04:58p 2820 SMTP Session ID=1c74b043b622a26c0f9
1/17 02:04:58p 2820 SMTP RX: EHLO eecs.umich.edu
1/17 02:04:58p 2820 SMTP RX: STARTTLS
1/17 02:04:58p 2820 !SMTP UNSUPPORTED COMMAND: 'STARTTLS'
1/17 02:04:58p 2820 Socket closed by peer on receive
1/17 02:04:58p 2820 SMTP Session thread terminated (2 threads remain, 23 clients served)

SysOp: C.G. Learn, AKA: DesotoFireflite
Valhalla Home Services! - (Synchronet) - bbs.valhallabbs.com
Valhalla II! - (GAP) - bbs.valhallabbs.com:24
A Gamers Paradise - Over 150 Registered Online Game Doors!

Play Trade Wars Between 10 Other BBS's On Valhalla's Trade Wars Game Server!

Featuring Legion, A New RPG, Available On Both Systems!

--- Don't eat the yellow snow!
þ Synchronet þ Valhalla Home Services þ USA þ http://valhalla.synchro.net

Re: Strange error on mail server
By: DesotoFireflite to All on Wed Jan 17 2018 02:29 pm

I've seen this error now a few times, with no regularity on my mail server. I'm wondering what it is, and should I be alarmed. "1/17 02:04:58p 2820 !SMTP UNSUPPORTED COMMAND: 'STARTTLS'" Below is the log.

I've seen that too. TLS is a secure type of connection, and it looks like a client trying to initiate a TLS connection which the Synchronet mail server doesn't support. Personally I haven't been worried about it. It seems similar to bots trying to log on to the telnet server as 'root' when there is no root user (they aren't going to get in).

Nightfox

---
þ Synchronet þ Digital Distortion: digitaldistortionbbs.com

Re: Strange error on mail server
By: DesotoFireflite to All on Wed Jan 17 2018 02:29 pm

I've seen this error now a few times, with no regularity on my mail server. I'm wondering what it is, and should I be alarmed. "1/17 02:04:58p 2820 !SMTP UNSUPPORTED COMMAND: 'STARTTLS'" Below is the log.

Nothing to be alarmed about. Something is trying to perform an encrypted SMTP (send mail) session, which we don't support.

digital man

This Is Spinal Tap quote #14:
The Boston gig has been cancelled. [Don't] worry, it's not a big college town. Norco, CA WX: 79.7øF, 25.0% humidity, 1 mph WSW wind, 0.00 inches rain/24hrs

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Re: Strange error on mail server
By: DesotoFireflite to All on Wed Jan 17 2018 02:29 pm

I've seen this error now a few times, with no regularity on my mail server. I'm wondering what it is, and should I be alarmed. "1/17 02:04:58p 2820 !SMTP UNSUPPORTED COMMAND: 'STARTTLS'" Below is the log.

1/17 02:04:57p 2820 SMTP Session thread started
1/17 02:04:57p 2820 SMTP Connection accepted on port 587 from: 141.212.122.208 port 8828
1/17 02:04:57p 2820 SMTP Hostname: researchscan463.eecs.umich.edu
1/17 02:04:57p 2820 SMTP DNSBL Query: 208.122.212.141.sbl.spamhaus.org 1/17 02:04:57p 2820 SMTP DNSBL Query: 208.122.212.141.bl.spamcop.net
1/17 02:04:58p 2820 SMTP DNSBL Query:
208.122.212.141.spam.dnsbl.sorbs.net
1/17 02:04:58p 2820 SMTP Session ID=1c74b043b622a26c0f9
1/17 02:04:58p 2820 SMTP RX: EHLO eecs.umich.edu
1/17 02:04:58p 2820 SMTP RX: STARTTLS
1/17 02:04:58p 2820 !SMTP UNSUPPORTED COMMAND: 'STARTTLS'
1/17 02:04:58p 2820 Socket closed by peer on receive
1/17 02:04:58p 2820 SMTP Session thread terminated (2 threads remain, 23 clients served)

I have seen this over here on my system and ti is coming from the University of Michigan here in Michigan. I just went into my host.can and put in there *.umich.edu and it has stopped. It is some kind of bot or port scanner coming from there and by adding that to your host.can it will stop it.


Mojo

---
þ Synchronet þ Mojo's World BBS - mojo.synchro.net

Re: Strange error on mail server
By: Nightfox to DesotoFireflite on Wed Jan 17 2018 12:38 pm

I've seen this error now a few times, with no regularity on my mail
server. I'm wondering what it is, and should I be alarmed. "1/17
02:04:58p 2820 !SMTP UNSUPPORTED COMMAND: 'STARTTLS'" Below is the
log.

I've seen that too. TLS is a secure type of connection, and it looks like a client trying to initiate a TLS connection which the Synchronet mail server doesn't support. Personally I haven't been worried about it. It seems similar to bots trying to log on to the telnet server as 'root' when there is no root user (they aren't going to get in).

I was thinking the same thing, and wasn't too worried about it, just wanted to make sure I handn't broke anything. Thanks

SysOp: C.G. Learn, AKA: DesotoFireflite
Valhalla Home Services! - (Synchronet) - bbs.valhallabbs.com
Valhalla II! - (GAP) - bbs.valhallabbs.com:24
A Gamers Paradise - Over 150 Registered Online Game Doors!

Play Trade Wars Between 10 Other BBS's On Valhalla's Trade Wars Game Server!

Featuring Legion, A New RPG, Available On Both Systems!

--- FART(n): An audio test of one's waste-disposal system.
þ Synchronet þ Valhalla Home Services þ USA þ http://valhalla.synchro.net

Re: Strange error on mail server
By: Digital Man to DesotoFireflite on Wed Jan 17 2018 12:59 pm

I've seen this error now a few times, with no regularity on my mail
server. I'm wondering what it is, and should I be alarmed. "1/17
02:04:58p 2820 !SMTP UNSUPPORTED COMMAND: 'STARTTLS'" Below is the
log.

Nothing to be alarmed about. Something is trying to perform an encrypted SMTP (send mail) session, which we don't support.

Thanks Rob, I wasn't too worried, I figures something like that, just wanted to be sure.

SysOp: C.G. Learn, AKA: DesotoFireflite
Valhalla Home Services! - (Synchronet) - bbs.valhallabbs.com
Valhalla II! - (GAP) - bbs.valhallabbs.com:24
A Gamers Paradise - Over 150 Registered Online Game Doors!

Play Trade Wars Between 10 Other BBS's On Valhalla's Trade Wars Game Server!

Featuring Legion, A New RPG, Available On Both Systems!

--- Old farts never die! They just smell that way...
þ Synchronet þ Valhalla Home Services þ USA þ http://valhalla.synchro.net

Re: Strange error on mail server
By: Mojo to DesotoFireflite on Wed Jan 17 2018 11:11 pm

1/17 02:04:58p 2820 !SMTP UNSUPPORTED COMMAND: 'STARTTLS'

I have seen this over here on my system and ti is coming from the University of Michigan here in Michigan. I just went into my host.can and put in there *.umich.edu and it has stopped. It is some kind of bot or port scanner coming from there and by adding that to your host.can it will stop it.

Thanks, good idea. As you know, my mind has been elseware lately. Things are slowly comming togeather now. I send you a PM on your system.

SysOp: C.G. Learn, AKA: DesotoFireflite
Valhalla Home Services! - (Synchronet) - bbs.valhallabbs.com
Valhalla II! - (GAP) - bbs.valhallabbs.com:24
A Gamers Paradise - Over 150 Registered Online Game Doors!

Play Trade Wars Between 10 Other BBS's On Valhalla's Trade Wars Game Server!

Featuring Legion, A New RPG, Available On Both Systems!

--- Don't eat the yellow snow!
þ Synchronet þ Valhalla Home Services þ USA þ http://valhalla.synchro.net

On 2018 Jan 17 14:29:26, you wrote to All:

I've seen this error now a few times, with no regularity on my mail

server.

I'm wondering what it is, and should I be alarmed. "1/17 02:04:58p 2820 !SMTP UNSUPPORTED COMMAND: 'STARTTLS'" Below is the log.

they're trying to start a secure connection... sbbs apparently doesn't support it OR you don't have it configured to...

1/17 02:04:57p 2820 SMTP Session thread started
1/17 02:04:57p 2820 SMTP Connection accepted on port 587 from: 141.212.122.208 port 8828
1/17 02:04:57p 2820 SMTP Hostname: researchscan463.eecs.umich.edu

the domain is accurate... that's a university of michigan IP and they're know to scan and attempt brute force stuffs... they've been caught in several honeypots... it may be legit research as the hostname indicates... i don't know...

)\/(ark

Always Mount a Scratch Monkey
Do you manage your own servers? If you are not running an IDS/IPS yer doin' it wrong...
... I run into friends a lot. Maybe I should stay on the road when I drive.
---
* Origin: (1:3634/12.73)
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Jay,

I have seen this over here on my system and ti is coming from the University M>Michigan here in Michigan. I just went into my host.can and put in there M>*.umich.edu and it has stopped. It is some kind of bot or port scanner coming M>from there and by adding that to your host.can it will stop it.

Same over here.

Daryl

---
þ OLX 1.53 þ I'm out of bed and dressed. What more do you want??
þ Synchronet þ The Thunderbolt BBS - wx1der.dyndns.org

Re: Strange error on mail server
By: mark lewis to DesotoFireflite on Thu Jan 18 2018 03:10 pm

they're trying to start a secure connection... sbbs apparently doesn't support it OR you don't have it configured to...

1/17 02:04:57p 2820 SMTP Session thread started
1/17 02:04:57p 2820 SMTP Connection accepted on port 587 from:
141.212.122.208 port 8828
1/17 02:04:57p 2820 SMTP Hostname: researchscan463.eecs.umich.edu

the domain is accurate... that's a university of michigan IP and they're know to scan and attempt brute force stuffs... they've been caught in several honeypots... it may be legit research as the hostname indicates... i don't know...

Thanks Mark. I'm goona block it for now, as they are hitting me with regularity now.

SysOp: C.G. Learn, AKA: DesotoFireflite
Valhalla Home Services! - (Synchronet) - bbs.valhallabbs.com
Valhalla II! - (GAP) - bbs.valhallabbs.com:24
A Gamers Paradise - Over 150 Registered Online Game Doors!

Play Trade Wars Between 10 Other BBS's On Valhalla's Trade Wars Game Server!

Featuring Legion, A New RPG, Available On Both Systems!

--- I'm so disorganized my keyboard isn't even in alphabetical order!
þ Synchronet þ Valhalla Home Services þ USA þ http://valhalla.synchro.net