• Banned 1300+ IPs so far. WTF is up with the brute for attack on user "c

    From cnysupport@gmail.com@21:1/5 to All on Fri May 17 06:31:50 2019
    My server had never had a user named chamrone. It's doesn't look significant and it's not an admin account I'm aware of, but someone/something has been trying to brute force the password for over a month now by attempting an IMAP login.

    They try 1 password from 1 IP address, then never use that IP again, or use it maybe once more. I ban each IP after the first try, however I'm just really confused by this.

    The IPs are from all over the world, although few/none from the US, where I'm located.

    Someone with a large botnet is spending time trying to guess the password for a nonexistent user.

    Does anybody have any ideas what the purpose for this is?

    It's not a security risk (AFAIK) because there is no user, but it's so persistent that I'm starting to think that something is going on that I'm just not aware of.

    Anybody have any thoughts/ideas?

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)