I always thought that the failed password [count] options that I know 
work on SMTP would work on POP3 but it appears not.  Sure would be nice 
if the settings worked for all protocols.  X [small number like 4] bad 
SMTP guesses and it just drops the connections.

--Ed

On 12/21/2011 02:46 PM, Lyle Giese wrote:
> On 12/21/2011 11:17 AM, Lyle Giese wrote:
>> FYI,
>> we have been under a concerted long term POP3 password attack from
>> 216.231.134.98
>>
>> I have a host in front of our Surgemail servers running IPTables and am
>> dropping all packets from this host. I have not had time to look into
>> this, but it looks like a hosting company of some sort.
>>
>> Lyle Giese
>> LCR Computer Services, Inc.
>>
>
> Just a quick followup, I have not looked to see if the attacker is gone,
> but the ISP (Continuum Data Centers, LLC) has already responding and it
> working on the issue from their end.
>
> This POP3 brute force password attack was running for about 6 hrs before
> I noticed and adjusted the IPTables to cut him off.
>
> Lyle
>
>
>

-- 
-----------------------------------------------------------
EAS Enterprises LLC
World Class Web and Email Hosting Solutions
IPv6 ready today for your needs of tomorrow!
Ask us about dual-stacking your site
www.easent.net