Hello Abuse-Team,
your Server with the IP: 213.199.218.2 has attacked one of our server on the service:
"postfix" on Time: Sun, 29 May 2011 13:37:44 +0200
The IP was automatically blocked for more than 10 minutes. To block an IP, it needs
3 failed Logins, one match for "invalid user" or a 5xx-Error-Code (eg. Blacklist)!
Please check the machine behind the IP 213.199.218.2 (213-199-218-2.tktelekom.pl) and fix the problem.
real-time data for this day available at:
http://support.clean-mx.de/clean-mx/pub ... .199.218.2You can parse this Mail with X-ARF-Tools (1. attachment = Details, 2. attachment = Logs).
You found more Information about X-Arf under
http://www.x-arf.org/specification.htmlIf you have a special x-arf email contact, please drop us a note.
In the attachment of this mail you can find the original protocols of our systems.
yours
Gerhard W. Recher
(Geschaeftsfuehrer)
NETpilot GmbH
Wilhelm-Riehl-Str. 13
D-80687 Muenchen
GSM: ++49 171 4802507
Handelsregister Muenchen: HRB 124497
w3:
http://www.clean-mx.dee-Mail: mailto:abuse@clean-mx.de
PGP-KEY: Fingerprint: A4E317B6DC6494DCC9616366A75AB34CDD0CE552 id: 0xDD0CE552
Location:
http://www.clean-mx.de/downloads/abuse- ... de.pub.ascEvidence:
attacked server: relay.netpilot.net
envelopesender:
brttr@alnobala.orgenveloperecpient:
ert@mucweb.deHelo: 213-199-218-2.tktelekom.pl
source-ip: 213.199.218.2
protocol: ESMTP
instance: predata05.6cf3.4de23008.9eadf.0
size: 0
reason: 5 -->554 User (%s) not known to us please verify your adressbook for any typos in this email adress or inquire manually
Evidences so far in total for this ip:1
--Abuse-302739f0cdd4e5c9eb28faf1ff7432dd
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=utf8; name="report.txt";
---
Reported-From:
abuse@clean-mx.deCategory: info
Report-Type: harvesting
Service: postfix
Version: 0.1
User-Agent: V2.1.6(25.3.2011) anti-scam-bot clean-mx.de
Date: Sun, 29 May 2011 13:37:44 +0200
Source-Type: ip-address
Source: 213.199.218.2
Port: 25
Report-ID:
108163988@postfix.clean-mx.deSchema-URL:
http://www.x-arf.org/schema/info_0.1.0.jsonAttachment: text/plain
--Abuse-302739f0cdd4e5c9eb28faf1ff7432dd
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=utf8; name="logfile.log";
attacked server: relay.netpilot.net
envelopesender:
brttr@alnobala.orgenveloperecpient:
ert@mucweb.deHelo: 213-199-218-2.tktelekom.pl
source-ip: 213.199.218.2
protocol: ESMTP
instance: predata05.6cf3.4de23008.9eadf.0
size: 0
reason: 5 -->554 User (%s) not known to us please verify your adressbook for any typos in this email adress or inquire manually
Evidences so far in total for this ip:1