I host my own email and can regularly see people/bots trying to log into my email and accounts with random names. I block those IPs as soon as they try and log in. I then log basic data about them (country, reverse DNS). I created a website that gives some basic statistics about that data and makes the IPs available if others wanted them.

I called it MX Offenders and I’m mostly doing this as a fun project for myself. The site is also self-hosted. It is at https://mxo.michaelspost.com/ It probably won’t be used by anyone, but was fun to create and I thought I would see what others think.

  • buttstuff2023@alien.topB
    link
    fedilink
    English
    arrow-up
    0
    arrow-down
    1
    ·
    1 year ago

    I did something similar with Graylog and ssh login attempts. Even had a neat little real-time global map with dots on the location the attempts originated from.

    I get surprisingly few login attempts on my mail server though.