kc7gr's profile

New problem solver


16 Messages

Friday, March 25th, 2016 2:00 PM

ATTN: Comcast Security, repeated hack attempts

Comcast Security, It appears someone is attempting (thankfully, with no success) to compromise our mail server. It further appears these attempts are coming from a comcastbusiness.net IP address (one which, I'll wager, has been compromised by the Virus-of-the-Week, and is being abused to launch this 'attack'). Here is an excerpt from our firewall's log.

 

 

Mar 25 13:37:16 vm-willy postfix/smtpd[27064]: connect from 50-202-230-114-static.hfc.comcastbusiness.net[50.202.230.114]
Mar 25 13:37:21 vm-willy postfix/smtpd[27064]: warning: 50-202-230-114-static.hfc.comcastbusiness.net[50.202.230.114]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Mar 25 13:37:21 vm-willy postfix/smtpd[27064]: disconnect from 50-202-230-114-static.hfc.comcastbusiness.net[50.202.230.114]
Mar 25 13:39:09 vm-willy postfix/smtpd[27070]: initializing the server-side TLS engine
Mar 25 13:39:09 vm-willy postfix/smtpd[27070]: connect from 50-202-230-114-static.hfc.comcastbusiness.net[50.202.230.114]
Mar 25 13:39:13 vm-willy postfix/smtpd[27070]: warning: 50-202-230-114-static.hfc.comcastbusiness.net[50.202.230.114]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Mar 25 13:39:13 vm-willy postfix/smtpd[27070]: disconnect from 50-202-230-114-static.hfc.comcastbusiness.net[50.202.230.114]
Mar 25 13:40:49 vm-willy postfix/anvil[26216]: statistics: max cache size 2 at Mar 25 13:36:06
Mar 25 13:40:59 vm-willy postfix/smtpd[27084]: initializing the server-side TLS engine
Mar 25 13:40:59 vm-willy postfix/smtpd[27084]: connect from 50-202-230-114-static.hfc.comcastbusiness.net[50.202.230.114]
Mar 25 13:41:03 vm-willy postfix/smtpd[27084]: warning: 50-202-230-114-static.hfc.comcastbusiness.net[50.202.230.114]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Mar 25 13:41:03 vm-willy postfix/smtpd[27084]: disconnect from 50-202-230-114-static.hfc.comcastbusiness.net[50.202.230.114]
Mar 25 13:42:49 vm-willy postfix/smtpd[27087]: initializing the server-side TLS engine
Mar 25 13:42:49 vm-willy postfix/smtpd[27087]: connect from 50-202-230-114-static.hfc.comcastbusiness.net[50.202.230.114]
Mar 25 13:42:54 vm-willy postfix/smtpd[27087]: warning: 50-202-230-114-static.hfc.comcastbusiness.net[50.202.230.114]: SASL LOGIN authentication failed: UGFzc3dvcmQ6

 

These attempts have been going on since at least 1217 PDT today (March 25th). They continued up until I configured our firewall to block the source IP address.

 

So -- Why am I reporting this here, instead of calling it in to Comcast "Support?"

 

Because the level of faith I have in said "support" to even understand what I'm talking about, let alone take corrective measures, lies somewhere in the negative numbers.

 

I do wish the City of Kent would hurry up and create their municipal fiber network...

 

Thank you.
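Added example, not part of the original post: Python that counts failed SASL logins per source IP in Postfix log lines like those in the excerpt above and flags any source that reaches a threshold inside a time window. The threshold, the window, the `year` parameter, the function names and the 192.0.2.10 line are assumptions made for this example.

```python
import base64
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Postfix smtpd warning format, as it appears in the excerpt above.
FAIL_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ postfix/smtpd\[\d+\]: warning: "
    r"\S+\[(?P<ip>[0-9a-fA-F.:]+)\]: SASL (?P<mech>\S+) authentication failed"
    r"(?:: (?P<detail>.*))?$")

def sasl_failures(lines, year=2016):
    """Yield (timestamp, ip, mechanism, detail) for each failed SASL login."""
    for line in lines:
        m = FAIL_RE.match(line)
        if not m:
            continue
        # Syslog timestamps carry no year, so the caller supplies it (assumption).
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        raw = m["detail"] or ""
        try:  # the trailing token is base64 in the excerpt; other text stays as-is
            detail = base64.b64decode(raw, validate=True).decode("ascii")
        except ValueError:
            detail = raw
        yield ts, m["ip"], m["mech"], detail

def offenders(lines, threshold=3, window=timedelta(minutes=10)):
    """Return {ip: n} where n failures (n >= threshold) fall inside one window."""
    by_ip = defaultdict(list)
    for ts, ip, _mech, _detail in sasl_failures(lines):
        by_ip[ip].append(ts)
    flagged = {}
    for ip, stamps in by_ip.items():
        stamps.sort()
        start = best = 0
        for end, ts in enumerate(stamps):
            while ts - stamps[start] > window:  # slide the window forward
                start += 1
            best = max(best, end - start + 1)
        if best >= threshold:
            flagged[ip] = best
    return flagged

# Four failure lines from the excerpt, plus one connect line and one constructed
# single failure from a documentation address (192.0.2.10) that must not be flagged.
HOST = "50-202-230-114-static.hfc.comcastbusiness.net[50.202.230.114]"
FAIL = "SASL LOGIN authentication failed: UGFzc3dvcmQ6"
SAMPLE = [f"Mar 25 {t} vm-willy postfix/smtpd[{p}]: warning: {HOST}: {FAIL}"
          for t, p in [("13:37:21", 27064), ("13:39:13", 27070),
                       ("13:41:03", 27084), ("13:42:54", 27087)]] + [
    f"Mar 25 13:37:16 vm-willy postfix/smtpd[27064]: connect from {HOST}",
    f"Mar 25 13:38:02 vm-willy postfix/smtpd[27066]: warning: unknown[192.0.2.10]: {FAIL}"]
```

The token `UGFzc3dvcmQ6` at the end of each warning is the base64 encoding of the string `Password:`, which the parser returns decoded in the `detail` field.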

Gold Problem solver


610 Messages

9 years ago

You can also try emailing abuse@comcast.net . That is the official ARIN POC for abuse at that address.

 

https://whois.arin.net/rest/net/NET-50-128-0-0-1/pft?s=50.202.230.114

New problem solver


16 Messages

9 years ago

I appreciate the thought but, again, it's a question of confidence that something would be done (or lack thereof).

 

In any case, it's academic. The problem went away a day or so after I posted. I can only assume the source was dropped from the 'net or the user of said source virus-cleaned it.

 

Thanks.