Hi, I am running Debian with ISPconfig3. A couple of days ago my emails from my domain that is on my dedicated server were rejected by Google. That started to worry me. I have tried to send email to Hotmail and Yahoo and they are not rejecting my emails. I therefore started to look at my email logs to see if there was something. I found that one email user account was sending out a huge amount of email. I then deleted the account and deleted the email queue, and the email queue is normal (empty) now. But nevertheless I believe there is a reason for this. I now see the following in my email warning log and wonder if someone is trying to hack me or I have some script that is trying to send out emails from my server. Yesterday I installed ISPProtect and I hope it will help me prevent and detect this type of thing. So my question: can anyone tell from the log below what is likely happening? Any suggestion of actions is highly appreciated.

Jan 31 11:00:44 www postfix/master[10035]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
Jan 31 11:09:38 www postfix/smtpd[16008]: warning: unknown[185.211.245.170]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jan 31 11:09:45 www postfix/smtpd[16008]: warning: unknown[185.211.245.170]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jan 31 11:16:01 www dovecot: master: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill)
Jan 31 11:16:01 www dovecot: log: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill)
Jan 31 11:19:49 www dovecot: master: Warning: SIGHUP received - reloading configuration
Jan 31 11:21:31 www postfix/smtpd[18215]: warning: hostname hostcheck.hetzner.com does not resolve to address 213.133.99.103
Jan 31 11:22:24 www postfix/smtpd[18215]: warning: hostname maxko-hosting.com does not resolve to address 45.95.168.159
Jan 31 11:22:27 www postfix/smtpd[18215]: warning: unknown[45.95.168.159]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jan 31 11:26:50 www postfix/smtpd[18903]: warning: unknown[193.56.28.26]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jan 31 11:36:26 www postfix/smtps/smtpd[20442]: warning: hostname 100.152.3.31.in-addr.arpa does not resolve to address 31.3.152.100: Name or service not known
Jan 31 11:36:29 www postfix/smtps/smtpd[20442]: warning: unknown[31.3.152.100]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
This means that someone is trying to log in using an incorrect password. "UGFzc3dvcmQ6" is the hash for the password "Password". This has got nothing to do with your spam. When a mail user is sending out spam, try to find the IP address of the mail client that's sending the mail in your logs/email headers. Most likely, the device is infected. You can just change the password of the mailbox to stop the spam. It will take some time to get off Google's blacklist... Could be weeks.
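As an added example (not code from anyone in this thread), the script below tallies SASL authentication failures per client IP from log lines like the ones posted above and base64-decodes the token Postfix prints after "authentication failed:". The function names and the threshold of 2 are assumptions chosen for illustration.

```python
import base64
import re
from collections import defaultdict

# Sample lines copied from the logs posted in this thread.
SAMPLE_LOG = """\
Jan 31 11:09:38 www postfix/smtpd[16008]: warning: unknown[185.211.245.170]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jan 31 11:09:45 www postfix/smtpd[16008]: warning: unknown[185.211.245.170]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jan 31 11:21:31 www postfix/smtpd[18215]: warning: hostname hostcheck.hetzner.com does not resolve to address 213.133.99.103
Jan 31 11:22:27 www postfix/smtpd[18215]: warning: unknown[45.95.168.159]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jan 31 11:36:29 www postfix/smtps/smtpd[20442]: warning: unknown[31.3.152.100]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Feb 9 06:12:50 www postfix/smtpd[26297]: warning: unknown[77.40.95.52]: SASL PLAIN authentication failed:
"""

FAIL_RE = re.compile(
    r"postfix/(?P<service>[\w/]+)\[\d+\]: warning: (?P<host>\S+)\[(?P<ip>[0-9a-fA-F.:]+)\]: "
    r"SASL (?P<mech>\S+) authentication failed:\s*(?P<detail>\S*)"
)

def decode_detail(token):
    """Return the base64-decoded trailing token, or '' if it is empty or not base64."""
    try:
        return base64.b64decode(token, validate=True).decode("ascii")
    except (ValueError, UnicodeDecodeError):
        return ""

def failed_logins(log_text):
    """Map client IP -> list of (service, mechanism, decoded detail) per failure."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = FAIL_RE.search(line)
        if m:  # hostname-resolution warnings and dovecot lines are skipped
            hits[m["ip"]].append((m["service"], m["mech"], decode_detail(m["detail"])))
    return dict(hits)

def over_threshold(hits, limit):
    """IPs with at least `limit` failures, most active first (limit is an assumed cutoff)."""
    return sorted((ip for ip, h in hits.items() if len(h) >= limit),
                  key=lambda ip: -len(hits[ip]))

if __name__ == "__main__":
    hits = failed_logins(SAMPLE_LOG)
    for ip, events in hits.items():
        print(ip, len(events), events[0])
    print("repeat offenders:", over_threshold(hits, 2))
```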
Hi again. I still have these warnings all over my email warning log, similar to the ones below. Is there anything I can do to get this to stop, except turning off my server, which I see as no option? See example below.

Feb 9 05:39:34 www postfix/smtpd[21757]: warning: hostname ip-113-133.4vendeta.com does not resolve to address 78.128.113.133
Feb 9 05:39:41 www postfix/smtpd[21757]: warning: unknown[78.128.113.133]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Feb 9 06:07:45 www postfix/smtps/smtpd[25546]: warning: hostname 100.152.3.31.in-addr.arpa does not resolve to address 31.3.152.100: Name or service not known
Feb 9 06:07:47 www postfix/smtps/smtpd[25546]: warning: unknown[31.3.152.100]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Feb 9 06:12:48 www postfix/smtpd[26297]: warning: hostname 52.95.pppoe.mari-el.ru does not resolve to address 77.40.95.52
Feb 9 06:12:50 www postfix/smtpd[26297]: warning: unknown[77.40.95.52]: SASL PLAIN authentication failed:
Feb 9 06:14:34 www dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: EOF
Feb 9 06:28:16 www postfix/smtpd[29080]: warning: hostname ip-113-133.4vendeta.com does not resolve to address 78.128.113.133
Feb 9 06:28:19 www postfix/smtpd[29080]: warning: unknown[78.128.113.133]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Feb
You will always have login errors when you connect a system to the internet. This is normal and nothing to worry about.
I have now solved the problem. It took approximately 4 weeks before Google and other big providers approved our server again. After a week these attempts to log in on our server also more or less stopped. All of the issues came from an email account that was used to spam.