How did this happen?
Posted: 29 Apr 2016, 16:39
I got an email from the server with this line:
'admin@DOMAIN.COM' to access service 'mail' from IP '155.133.82.177': 31 Time(s)
dovecot: auth: Error: Cpanel::MailAuth: cphulk incremented the failure count for user
However, I have this in my deny list:
155.133.0.0/16 # Error: Cpanel::MailAuth: cphulk Poland Thu Apr 28 13:00:00 2025 DO NOT DELETE
So pray tell me how the user from the IP 155.133.82.177 even had access to anything on the server?
FYI, there is no IP beginning with '155.' in the allow list at all.
Is ConfigServer a reliable firewall or are there other circles or loops I have to go through to ensure that NO ONE from an ip 155.133.0.0-155.133.255.255 gets access to 'anything' on my server?
'admin@DOMAIN.COM' to access service 'mail' from IP '155.133.82.177': 31 Time(s)
dovecot: auth: Error: Cpanel::MailAuth: cphulk incremented the failure count for user
However, I have this in my deny list:
155.133.0.0/16 # Error: Cpanel::MailAuth: cphulk Poland Thu Apr 28 13:00:00 2025 DO NOT DELETE
So pray tell me how the user from the IP 155.133.82.177 even had access to anything on the server?
FYI, there is no IP beginning with '155.' in the allow list at all.
Is ConfigServer a reliable firewall or are there other circles or loops I have to go through to ensure that NO ONE from an ip 155.133.0.0-155.133.255.255 gets access to 'anything' on my server?