For the first time since I can remember, my POP3 server was effectively shut down by too many simultaneous connections today. The first fix I tried was to raise the number of connections from the default 40 to 100, but the problem soon returned.
I finally ipfw'd off the offending IP (98.190.204.2 for anyone interested), then went to look for other possible offenders in the log. I noticed several thousand connections today to a few dozen former users from 4 IPs from 208.70.128.0/21. One of the users was actually legitimate.
These IPs belong to mailanyone.net. The tech contact in their ARIN record is listed as:
OrgTechHandle: BHE57-ARIN
OrgTechName: Heitman, Bryan
OrgTechPhone: +1-816-587-4700
OrgTechEmail: hostmaster@mailanyone.net
However, that phone number goes to a UPS store that has no idea what I'm talking about. I then dialed their suppseod NOC number:
Comment: FuseMail, LLC Network Operations Center contact
Comment: 877.888.3873 x3
I am on hold with that number right now with some very loud and annoying music.
Can anyone offer any insight as to these people and how/who to deal with there?
Would a provider be amiss to just block their entire /21?
TIA,
James Smallacombe PlantageNet, Inc. CEO and Janitor
up@3.am http://3.am