Forum Home


Gateway authenticates MZx
    Gateway authenticates Synametrics Support

From: MZx
Date: 6/10/20 7:11 PM
Topic: Gateway authenticates
Type: General Discussions
Post a follow up

Hello,

I have a strange problem with the server in the SMTPConversation.log tab, there is information about the connection being established and after some time I get information by email about the temporary blocking of the address 192.168.207.225. The strangest thing is that this address is the subnet gateway address and not the device that was trying to connect.

Anyone have an idea where to look for the cause?

btw. is a new server freshly installed on the old one, this problem does not occur.



2020-06-10 19:06:57,946 - [      1031] ************ New connection from: 192.168.207.225
2020-06-10 19:06:57,946 - [      1031] ************ New connection from: 192.168.207.225
2020-06-10 19:06:58,888 - [      1031] C --> EHLO User
2020-06-10 19:06:58,896 - [      1031] S 2020-06-10 19:06:58,896 - [      1031] S 2020-06-10 19:06:58,896 - [      1031] S 2020-06-10 19:06:58,896 - [      1031] S 2020-06-10 19:06:58,896 - [      1031] S 2020-06-10 19:06:58,896 - [      1031] S 2020-06-10 19:06:58,888 - [      1031] C --> EHLO User
2020-06-10 19:06:58,896 - [      1031] S 2020-06-10 19:06:58,896 - [      1031] S 2020-06-10 19:06:58,896 - [      1031] S 2020-06-10 19:06:58,896 - [      1031] S 2020-06-10 19:06:58,896 - [      1031] S 2020-06-10 19:06:58,896 - [      1031] S 2020-06-10 19:06:59,670 - [      1032] ************ New connection from: 192.168.207.225
2020-06-10 19:06:59,880 - [      1031] C --> RSET
2020-06-10 19:06:59,880 - [      1031] S 2020-06-10 19:06:59,670 - [      1032] ************ New connection from: 192.168.207.225
2020-06-10 19:06:59,880 - [      1031] C --> RSET
2020-06-10 19:06:59,880 - [      1031] S 2020-06-10 19:07:00,644 - [      1032] C --> EHLO User
2020-06-10 19:07:00,653 - [      1032] S 2020-06-10 19:07:00,653 - [      1032] S 2020-06-10 19:07:00,653 - [      1032] S 2020-06-10 19:07:00,653 - [      1032] S 2020-06-10 19:07:00,653 - [      1032] S 2020-06-10 19:07:00,653 - [      1032] S 2020-06-10 19:07:00,837 - [      1031] C --> AUTH LOGIN
2020-06-10 19:07:00,838 - [      1031] S 2020-06-10 19:07:00,644 - [      1032] C --> EHLO User
2020-06-10 19:07:00,653 - [      1032] S 2020-06-10 19:07:00,653 - [      1032] S 2020-06-10 19:07:00,653 - [      1032] S 2020-06-10 19:07:00,653 - [      1032] S 2020-06-10 19:07:00,653 - [      1032] S 2020-06-10 19:07:00,653 - [      1032] S 2020-06-10 19:07:00,837 - [      1031] C --> AUTH LOGIN
2020-06-10 19:07:00,838 - [      1031] S 2020-06-10 19:07:01,184 - [      1032] C --> RSET
2020-06-10 19:07:01,184 - [      1032] S 2020-06-10 19:07:01,621 - [      1032] C --> AUTH LOGIN
2020-06-10 19:07:01,621 - [      1032] S 2020-06-10 19:07:01,870 - [      1031] S 2020-06-10 19:07:01,184 - [      1032] C --> RSET
2020-06-10 19:07:01,184 - [      1032] S 2020-06-10 19:07:01,621 - [      1032] C --> AUTH LOGIN
2020-06-10 19:07:01,621 - [      1032] S 2020-06-10 19:07:01,870 - [      1031] S 2020-06-10 19:07:02,779 - [      1032] S 2020-06-10 19:07:02,869 - [      1031] S 2020-06-10 19:07:02,779 - [      1032] S 2020-06-10 19:07:02,869 - [      1031] S 2020-06-10 19:07:03,803 - [      1031] C --> QUIT
2020-06-10 19:07:03,803 - [      1031] S 2020-06-10 19:07:03,803 - [      1031] ~~~~~~~~~~~~ Connection Terminated (5857:999999)
2020-06-10 19:07:03,859 - [      1032] S 2020-06-10 19:07:03,803 - [      1031] C --> QUIT
2020-06-10 19:07:03,803 - [      1031] S 2020-06-10 19:07:03,803 - [      1031] ~~~~~~~~~~~~ Connection Terminated (5857:999999)
2020-06-10 19:07:03,859 - [      1032] S 2020-06-10 19:07:04,633 - [      1032] C --> QUIT
2020-06-10 19:07:04,633 - [      1032] S 2020-06-10 19:07:04,633 - [      1032] ~~~~~~~~~~~~ Connection Terminated (4964:999999)
2020-06-10 19:07:04,633 - [      1032] C --> QUIT
2020-06-10 19:07:04,633 - [      1032] S 2020-06-10 19:07:04,633 - [      1032] ~~~~~~~~~~~~ Connection Terminated (4964:999999)
Top
From: Synametrics Support
Date: 6/12/20 1:34 PM
Topic: Gateway authenticates
Type: General Discussions
Post a follow up

Since 192.168.207.225 is your own IP, I have a feeling the router/gateway is hiding the IP address of the real client connecting from the Internet. Check https://www.xeams.com/router-ip-in-logs.htm for details. In short, you should configure your router/gateway so it does not hide the client's IP.
Top