Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Unknown Imap Logouts in Logwatch

Discussion in 'General Discussion' started by Morley, Sep 7, 2007.

  1. Morley

    Morley Well-Known Member

    Joined:
    Apr 24, 2007
    Messages:
    66
    Likes Received:
    0
    Trophy Points:
    156
    Hi,

    I'm a novice at reading the logwatch results but I was alarmed at seeing a few LOGOUT IPs that were not like the rest. Usually everything is either me or another couple of users. Here's a sample:

    Known user:
    LOGOUT, user=known@myhost.com, ip=[::ffff:67.188.132.183], headers=5306, body=171623, rcvd=20284, sent=231499, time=68502: 1 Time(s)
    LOGOUT, user=knownuser@myhost.com, ip=[::ffff:67.188.132.183], headers=5830, body=216964, rcvd=17809, sent=300830, time=68501: 1 Time(s)

    Unknown IP
    LOGOUT, ip=[::ffff:69.64.32.77], rcvd=11, sent=307: 48 Time(s)
    LOGOUT, ip=[::ffff:81.19.151.110], rcvd=11, sent=307: 48 Time(s)
    LOGOUT, ip=[::ffff:85.25.129.25], rcvd=11, sent=307: 43 Time(s)

    These IPs all resolve to web pages.

    Should I be concerned about these?

    Thanks
     
    #1 Morley, Sep 7, 2007
  2. nyjimbo

    nyjimbo Well-Known Member

    Joined:
    Jan 25, 2003
    Messages:
    1,125
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    New York
    Could be third party webmail logins. I started seeing this from verizon webmail intefaces recently but with known-good accounts.

    If all they are doing is reading email and nothing else weird is going on I cant imagine what else they could be doing. 81.19.151.110 is a uptime monitor, so someone could be watching your performance, my customers do it with all kinds of tools.

    One is from germany, do you have customers there?.
     
    #2 nyjimbo, Sep 7, 2007
    Last edited: Sep 7, 2007
  3. Morley

    Morley Well-Known Member

    Joined:
    Apr 24, 2007
    Messages:
    66
    Likes Received:
    0
    Trophy Points:
    156
    No customers from germany but I do use an uptime monitor. Would this show up in the logs even if someone just contacts the IMAP?

    Thanks
     
    #3 Morley, Sep 7, 2007
(You must log in or sign up to post here.)
Loading...
Similar Threads - Unknown Imap Logouts
  1. SkipperHosting

    PHP Warning: Module already loaded in Unknown on line 0

    SkipperHosting, Oct 12, 2017 at 9:53 AM, in forum: General Discussion
    Replies:
    7
    Views:
    81
    SkipperHosting
    Oct 14, 2017 at 4:26 AM
  2. morteza3245

    Unknown storage engine 'InnoDB' error: Corrupt

    morteza3245, Sep 21, 2017, in forum: Database Discussions
    Replies:
    6
    Views:
    226
    cPanelMichael
    Sep 22, 2017
  3. allpar

    Unknown Kernel

    allpar, Aug 28, 2017, in forum: CloudLinux
    Replies:
    4
    Views:
    164
    allpar
    Aug 29, 2017
  4. mrjasonh98

    Unknown error when installing SSL

    mrjasonh98, Jul 20, 2017, in forum: Security
    Replies:
    1
    Views:
    135
    cPanelMichael
    Jul 20, 2017
  5. avanticreativos

    Unknown storage engine 'InnoDB' error

    avanticreativos, Jun 25, 2017, in forum: Database Discussions
    Replies:
    1
    Views:
    515
    Infopro
    Jun 26, 2017

Share This Page