How did this happen?

Post Reply
LukeDouglas
Junior Member
Posts: 26
Joined: 22 Apr 2016, 17:35

How did this happen?

Post by LukeDouglas »

I got an email from the server with this line:
'admin@DOMAIN.COM' to access service 'mail' from IP '155.133.82.177': 31 Time(s)
dovecot: auth: Error: Cpanel::MailAuth: cphulk incremented the failure count for user

However, I have this in my deny list:
155.133.0.0/16 # Error: Cpanel::MailAuth: cphulk Poland Thu Apr 28 13:00:00 2025 DO NOT DELETE

So pray tell me how the user from the IP 155.133.82.177 even had access to anything on the server?

FYI, there is no IP beginning with '155.' in the allow list at all.

Is ConfigServer a reliable firewall or are there other circles or loops I have to go through to ensure that NO ONE from an ip 155.133.0.0-155.133.255.255 gets access to 'anything' on my server?
sawbuck
Junior Member
Posts: 366
Joined: 10 Dec 2006, 16:20

Re: How did this happen?

Post by sawbuck »

Yes, CSF is an excellent product with frequent updates made available at no cost from one of the premier Internet companies.

I would try adding 155.132.0.0/15 in addition to 155.133.0.0/16
Post Reply