checking the logs today i have noticed a large number of warnings that i don;t fully understand:
the line in the logs looks like this:
[31/Jul/2007 17:00:20] pop: User mail.domain.dom\user<_a.t_>domain.dom doesn't exist. Attempt from IP address 220.127.116.11
where domain.dom is a valid domain hosted on my server and user is a valid user for that domain (and mail.domain.dom a valid domain alias).
These attempts are happening all from different ip's but all from ip's whose reverse dns lookup point to various domains under myvzw.com (Which, i don't know, might be providing internet access for some of my users).
Additionally these attempts are happening for 3 (out of 25) users of the same domain.
can someone clarify the meaning of the log entry?
is the username attempting to connect "mail.domain.dom\user"? If this is the case then it obviously fails because that is not a valid username. Or is the "mail.domain.dom" preceding the username there to indicate to which domain the user attempted to connect? If this was the case it should not fail....
Can someone clarify?
I don't know an immediate answer, but you could very simply find out yourself: login with some variations of your user name and see how it ends up in the log...
Kerio discussion forums are intended for open communication between forum
members and may contain information and material posted by members which may
be useful in learning about Kerio products. The discussion forums are not
intended to provide technical support for any specific product. Any
information implied or expressed in the discussion forums is that of the
posting member. Kerio is in no way responsible for the information posted in
the forums, or its accuracy. Kerio employees may participate in the
discussions, but their postings do not represent an offical position of the
company on any issues raised or discussed. Kerio reserves the right to
monitor and maintain the forums to promote free and accurate exchange of