Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » Odd Smtp Connections
  •  
Neo101

Messages: 1
Karma: 0
Send a private message to this user
Hello,

I recently set up a new server in a datacenter. We had a Kerio Mailserver running at another datacenter so I copied configs, stopped the other server and activated the new one.


After setting up Firewall policies on the DMZ, all looks good for the most part. All the mail ports and mailboxes are sending/recieveing emails. But what I am noticing is that in the ACTIVE CONNECTIONS window, i see a number of, 4-5, "odd' smtp connections. They are odd to me because the IP scheme is totally off as compared to the normal IP's that connect(if that make sense) and looks like maybe spammer/hacker are trying to exploit the server. I was watching the ACTIVE CONNECTIONS window and I saw one of our users logged in but again, from a really odd 35.X.X.X ip and another 1ith q 59.X.X.X IP address. That really concerned me.

Am I being a nervous nelly or should be concerned? Can i find out another way? Any tips would be appreciated.

Thanks.

[Updated on: Sat, 16 February 2008 17:16]

  •  
winkelman

Messages: 2119
Karma: 3
Send a private message to this user
You could see where those IP are located or to whom their registered to. For example here: http://www.mydnstools.info/

Perhaps that can help you trace those IP's...
  •  
dunnwell

Messages: 1
Karma: 0
Send a private message to this user
It's also possible that these connections are just SMTP monitoring by your new data center. They may employ an in-house monitor AND an external monitor, which would explain why you're seeing connections from IPs on two different subnets.

DNS lookup of the IPs will probably help you figure this out -- if the domain name is the same as that of your data center, then that's probably what's going on. Check with the data center's support staff to make sure.

[Updated on: Tue, 19 February 2008 18:17]

Previous Topic: Caldav on KMS 6.5 beta 7
Next Topic: Too many connections to directory LDAP server
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Wed Oct 18 15:06:04 CEST 2017

Total time taken to generate the page: 0.00424 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.