Koozali.org: home of the SME Server
Obsolete Releases => SME 9.x Contribs => Topic started by: SchulzStefan on November 12, 2017, 04:29:50 PM
-
The IP 212.83.168.232 attempts a lot times against Qpsmtpd.
https://www.talosintelligence.com/reputation_center/lookup?search=212.83.168.232 (https://www.talosintelligence.com/reputation_center/lookup?search=212.83.168.232)
brings up:
Hostname front.koozali.org
What does this mean?
regards,
stefan
-
This is the main IP address of Koozali's infra, including the one emails of our mailing lists are sent from. When you say "attempts" I guess you mean this server tries to deliver emails to you, which is probably legitimate. Please send any further info to security@contribs.org and we'll investigate if necessary
-
Please send me directly some logs of those SMTP transactions (from your qpsmtpd logs)
-
This might have been the reason:
#config show qpsmtpd BadCountries
qpsmtpd=service
BadCountries=snip - FR - snip
I deleted FR from my list and will report back, if this helped.
regards,
stefan
-
This certainly can be a reason ;-)
Koozali infra is hosted in France indeed
-
It was the reason.
regards,
stefan
-
#config show qpsmtpd BadCountries
qpsmtpd=service
BadCountries=snip - FR - snip
NATO allies, are they not?
-
NATO allies, are they not?
They are, of course. My bad. I should trust any French IP. J'aime beaucoup nos amis francaise. And it's not only because of the Bordeaux-Wine and the delicious food... This is going to be OT now...
regards,
stefan