On 2009-08-03, Eric <[email protected]> wrote: > I'm suddenly seeing numbers of various computers trying to > log on imap on my mail server. > > I've never noticed this before. Is there a new > vulnerability out there someone is trying to exploit?
IME it's normal background noise for the internet.. The things you can do in PF to mitigate SSH brute forcing (max-src-conn-rate etc) can be used here too, but must be done carefully as legitimate clients make multiple connections.
