dovecot - Sep 2014 - doveadm penalty: who is 0.0.0.0?

Using doveadm penalty I just noticed a penalty for 0.0.0.0.

Is this Postfix querying the auth-socket for his SASL-requests?

I tried adding 0.0.0.0 to login_trusted_networks, but that doesn't help.

Peer

-- 
Heinlein Support GmbH
Schwedter Str. 8/9b, 10119 Berlin

http://www.heinlein-support.de

Tel: 030 / 405051-42
Fax: 030 / 405051-19

Zwangsangaben lt. ?35a GmbHG: HRB 93818 B / Amtsgericht
Berlin-Charlottenburg,
Gesch?ftsf?hrer: Peer Heinlein -- Sitz: Berlin

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: OpenPGP digital signature
URL:
<http://dovecot.org/pipermail/dovecot/attachments/20140923/e74f4563/attachment.sig>

* Peer Heinlein <p.heinlein at
heinlein-support.de>:
> 
> Using doveadm penalty I just noticed a penalty for 0.0.0.0.
> 
> Is this Postfix querying the auth-socket for his SASL-requests?
Maybe a portscan? Sometimes they turn up as 0.0.0.0

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstra?e 15, 81669 M?nchen

Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

On 23 Sep 2014, at 15:31, Peer Heinlein <p.heinlein at
heinlein-support.de> wrote:
> 
> Using doveadm penalty I just noticed a penalty for 0.0.0.0.
> 
> Is this Postfix querying the auth-socket for his SASL-requests?
Most likely. 0.0.0.0 would in any case mean "unknown". It
shouldn't show up in penalty though..