quotacheck Is this a happy quotacheck at this stage or not? it told me to use quotacheck -f to force checking... Code: root@25612-21212:~# quotacheck -favugm quotacheck: Your kernel probably supports journaled quota but you are not using it. Consider switching to journaled quota to avoid running quotacheck after an unclean shutdown. quotacheck: Scanning /dev/vzfs [/] done quotacheck: Checked 3811 directories and 42728 files quotacheck: Quota file //aquota.user has IMMUTABLE flag set. Clearing. quotacheck: Failed to remove IMMUTABLE flag from quota file //aquota.user: Inappropriate ioctl for device quotacheck: Quota file //aquota.group has IMMUTABLE flag set. Clearing. quotacheck: Failed to remove IMMUTABLE flag from quota file //aquota.group: Inappropriate ioctl for device root@25612-21212:~# Code: root@25612-21212:~# quotaon -avug quotaon: using //aquota.group on /dev/vzfs [/]: Device or resource busy quotaon: using //aquota.user on /dev/vzfs [/]: Device or resource busy
17 Install Vlogger, Webalizer, And AWstats There's a problem with this step... Code: Setting up geoip-database (1.4.6.dfsg-17) ... Setting up awstats (6.9~dfsg-1ubuntu3.10.04.1) ... Setting up vlogger (1.3-3) ... root@25612-21212:~# cp -prf /usr/share/doc/awstats/examples/awstats_buildstaticpages.pl /usr/share/awstats/tools/awstats_buildstaticpages.pl cp: cannot create regular file `/usr/share/awstats/tools/awstats_buildstaticpages.pl': No such file or directory Is the directory supposed to be there after installing awstats... or is it because I don't have any users yet?
Just want to clarify /etc/hostname Code: 25612-21212.vps.digitalpacific.com.au xanderit.com or remove 25612-21212.vps.digitalpacific.com.au
ISPConfig is freshly installed... Thanks for going through all those steps guys... it was worth checking that everything during the install was correct to start with. ISPConfig 3.0.4.2 is installed and running, and the billing module is also installed successfully... The domains have been moved to the hosting company's nameservers. Shorltly I'll start setting up a primary domain and user, and a testclient and testdomain and email and ftp and post after I see if if's all working... Thanks again.
I know that we've been through this before, but can you please post a screenshot of the System -> Server Config -> example.com -> Mail tab within the ISPConfig interface? Also, do you mind creating a test email account for me? (You can PM me the login information.) I'm curious to see if I have the same problem. Frankly, I'm not sure why so many people use Courier. Dovecot seems to be a much better alternative, and I'd be able to help you more effectively if you were using Dovecot... please do consider it.
I've never used either prior to this so I've got no problem switching to Dovecot... is there a howto switch to Dovecot... I'll have a look. PM on the way...
I'm not sure what the best way to expunge Courier + Maildrop might be, or if leaving both installed will cause problems while installing Dovecot + Sieve, but this is my personal recipe for mail on Debian (including Ubuntu): Code: # apt-get install postfix postfix-mysql postfix-doc mysql-client mysql-server libsasl2-2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql openssl getmail4 rkhunter binutils dovecot-imapd dovecot-pop3d Edit /etc/postfix/master.cf and ensure that the services section of the file has the same lines as below un-commented; this enables email users to send and receive email over SSL: Code: # ========================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ========================================================================== smtp inet n - - - - smtpd submission inet n - - - - smtpd # -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject -o milter_macro_daemon_name=ORIGINATING smtps inet n - - - - smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes Clients who wish to use STARTTLS should use the standard ports for POP3 (110), IMAP (143), and SMTP (25). Clients who wish to use SSL/TLS should use port 995 for POP3, port 993 for IMAP, and port 465 for SMTP. Code: # /etc/init.d/postfix restart NOTE: The postfix config file can be found at /etc/postfix/main.cf and the master postfix config file can be found at /etc/postfix/master.cf. Note also that postfix may be reconfigured at any time with Code: # dpkg-reconfigure postfix (IMPORTANT: Ensure that /etc/mailname contains the correct hostname whenever postfix is reconfigured.) Install Amavisd-new, SpamAssassin, and Clamav: Code: # apt-get install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl The following messages of interest may be included in the output: Code: Setting up clamav-daemon (0.96.3+dfsg-2ubuntu1.0.10.04.1) ... * Clamav signatures not found in /var/lib/clamav * Please retrieve them using freshclam or install the clamav-data package * Then run '/etc/init.d/clamav-daemon start' Code: SpamAssassin Mail Filter Daemon: disabled, see /etc/default/spamassassin Despite the SpamAssasin message, the configuration file at /etc/default/spamassassin may contain ENABLED=1; ensure that this is the case. Note also that the amavis configuration file may be found at /etc/amavis/conf.d/50-user and the amavis log file may be found at /var/log/amavis.log. ISPConfig should be reconfigured at this point. Accept all of the defaults during installation. The reconfiguration process may undo some of the above changes, so it is important to double-check the above steps after reconfiguring ISPConfig. To reconfigure: Code: # ispconfig_update.sh Don't forget to log into ISPConfig and change the Mail service settings to Dovecot + Sieve. Those are the basics!
Mail account setup and attempting to send See attached screenshots for reference. Image #1 Thunderbird fails to detect my servers' configuration settings automatically. I always have to configure accounts manually. I'm not sure why. But configuring the account manually works as expected for my servers. Note that I have enabled TLS for the connection. Also, I have changed the default server hostnames from .xanderit.com to xanderit.com. (mail.xanderit.com should work, too, provided that your hosting provider creates those DNS records automatically [most do], or you have created them manually. Using mail.example.com is the preferred method because if it ever becomes necessary to move email services to a different server, users won't need to reconfigure their email clients.) Image #2 We receive the certificate warning, as expected. This is good, and it indicates that Courier is accepting encrypted connections on port 143. I accept the certificate permanently. Image #3 Just a close-up of the certificate. The certificate details appear to be correct. Image #4 Thunderbird goes on to check my authentication credentials. Image #5 Thunderbird complains that my credentials may be wrong (they should be correct, so the message is likely inaccurate). So, I hit "Advanced config" on the left to force Thunderbird to accept the settings as I've entered them, despite its inability to auto-configure the account. In the next post, I attempt to send mail...
Code: root@25612-21212:/etc/bind# apt-get install postfix postfix-mysql postfix-doc mysql-client mysql-server libsasl2-2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql openssl getmail4 rkhunter binutils dovecot-imapd dovecot-pop3d Reading package lists... Done Building dependency tree Reading state information... Done postfix is already the newest version. postfix-mysql is already the newest version. postfix-doc is already the newest version. mysql-client is already the newest version. mysql-server is already the newest version. libsasl2-2 is already the newest version. libsasl2-modules is already the newest version. libsasl2-modules-sql is already the newest version. sasl2-bin is already the newest version. libpam-mysql is already the newest version. openssl is already the newest version. getmail4 is already the newest version. rkhunter is already the newest version. binutils is already the newest version. The following packages were automatically installed and are no longer required: ispell courier-ssl courier-base courier-authlib-userdb iamerican Use 'apt-get autoremove' to remove them. The following extra packages will be installed: dovecot-common Suggested packages: ufw The following packages will be REMOVED: courier-imap courier-imap-ssl courier-pop courier-pop-ssl The following NEW packages will be installed: dovecot-common dovecot-imapd dovecot-pop3d 0 upgraded, 3 newly installed, 4 to remove and 6 not upgraded. Need to get 7446kB of archives. After this operation, 12.2MB of additional disk space will be used. ... Code: adduser: Warning: The home directory `/usr/lib/dovecot' does not belong to the user you are currently creating. Creating generic self-signed certificate: /etc/ssl/certs/dovecot.pem (replace with hand-crafted or authorized one if needed). ... Code: * Restarting IMAP/POP3 mail server dovecot If you have trouble with authentication failures, enable auth_debug setting. See http://wiki.dovecot.org/WhyDoesItNotWork This message goes away after the first successful login. /etc/mailname Code: xanderit.com /etc/postfix/main.cf Code: myhostname = 25612-21212.vps.digitalpacific.com.au alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases myorigin = /etc/mailname mydestination = localhost, localhost.localdomain ... Code: apt-get install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl Reading package lists... Done Building dependency tree Reading state information... Done amavisd-new is already the newest version. spamassassin is already the newest version. clamav is already the newest version. clamav-daemon is already the newest version. zoo is already the newest version. unzip is already the newest version. bzip2 is already the newest version. arj is already the newest version. nomarch is already the newest version. lzop is already the newest version. cabextract is already the newest version. apt-listchanges is already the newest version. libnet-ldap-perl is already the newest version. libauthen-sasl-perl is already the newest version. clamav-docs is already the newest version. daemon is already the newest version. libio-string-perl is already the newest version. libio-socket-ssl-perl is already the newest version. libnet-ident-perl is already the newest version. zip is already the newest version. libnet-dns-perl is already the newest version. The following packages were automatically installed and are no longer required: ispell courier-ssl courier-base courier-authlib-userdb iamerican Use 'apt-get autoremove' to remove them. 0 upgraded, 0 newly installed, 0 to remove and 6 not upgraded. /etc/default/spamassassin Code: # Change to one to enable spamd ENABLED=1 and then in ISPConfig I changed from Courier to Dovecot - and Maildrop to Sieve Do I have to re create the mailboxes previously created now that Courier is out and Dovecot is in..?
Image #1 When I attempt to send mail via the SMTP server at xanderit.com, I see this message. There's a bug in Thunderbird that causes the SSL certificate dialog to be "lost in the shuffle", and this message is often the result of an SSL warning dialog that has not been accepted. I have filed a report regarding this bug: https://bugzilla.mozilla.org/show_bug.cgi?id=714706 Image #2 This is the dialog that was "hiding" behind the compose message window. I confirm the security exception for the SMTP server (we already confirmed the warning for the IMAP server). And... drumroll... I receive the test message at the destination account (which is at a domain that I control). Image #3 However, the compose message window gets "stuck" on "Copying message to Sent folder". The dialog has been up for 20 minutes. I have no idea why that might be. Are the permissions on the mail directories correct? What's the output of Code: # ls -lah /var/vmail I notice also that none of the default IMAP folders exist (Sent, Drafts, Trash, etc.).
When I replied to the test message that I sent to my own account from xanderit.com, the mail was accepted for delivery. Then, when I went to check my inbox on xanderit.com, the Thunderbird status bar showed: Checking mail server capabilities... Sending login information... and then Image #1 Authentication failure. There should be a corresponding entry in /var/log/auth.log around 10:38 PM (EST). I re-enter the same password (which we will assume to be correct) and again I receive the dialog. Is this due to switching from Courier to Dovecot? Hmm, it shouldn't be, because I should still have a virtual mailbox in the ISPConfig's MySQL database. Image #2 When I tried to check mail immediately after configuring the account, before my first post in this little mini-series, I received the pop-up error at the bottom of the Thunderbird interface. Anyway, I'm receiving an authentication failure now (pictured in image #1), which actually seems like a step in the right direction. (I no longer see the pop-up message in image #2.) I'll await a response before performing further tests.
Curiously, I am still able to send mail, which means that my credentials are good. But I still receive the never-ending progress bar when Thunderbird attempts to copy the message to Sent (the folder seems not to exist). Are you sure that you didn't check the "Disable IMAP" box on the mailbox configuration screen? Also, whenever login fails during IMAP inbox check, Thunderbird's Error Console fills-up with this message: Error: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsIMsgFolder.getStringProperty]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: chrome://messenger/content/folderPane.js :: getSmartFolderName :: line 2471" data: no] Source File: chrome://messenger/content/folderPane.js Line: 2473 Not sure what that may mean, but it's probably related to the root issue.
ls -lah /var/vmail total 24K drwxr-xr-x 5 root root 4.0K Jan 15 15:20 . drwxr-xr-x 17 root root 4.0K Jan 15 00:30 .. -rw------- 1 vmail vmail 1.5K Jan 14 11:46 .mailfilter drwxr-xr-x 4 root root 4.0K Jan 15 15:20 mailfilters drwx------ 3 root root 4.0K Jan 14 17:55 urbancampsite.com drwx------ 5 root root 4.0K Jan 20 12:46 xanderit.com "Curiously, I am still able to send mail, which means that my credentials are good. But I still receive infinite progress bar when Thunderbird attempts to copy the message to Sent (the folder seems not to exist)." -This is similar to what evolution is doing "Are you sure that you didn't check the "Disable IMAP" box on the mailbox configuration screen?" -not checked
Okay a couple of things. 1.) I tried configuring the mail account as POP instead of IMAP. I still receive an authentication failure, although the dialog is slightly different (see image #1). 2.) The permissions on the vmail directories are incorrect. That would definitely cause the issue with the Sent folder. They should look like this: Code: # ls -lah /var/vmail total 48K drwxr-xr-x 7 vmail vmail 4.0K Oct 22 11:56 . drwxr-xr-x 18 root root 4.0K Oct 23 11:03 .. -rw-r--r-- 1 vmail vmail 220 Apr 18 2010 .bash_logout -rw-r--r-- 1 vmail vmail 3.1K Apr 18 2010 .bashrc -rw------- 1 vmail vmail 1.4K Jan 2 19:23 .mailfilter -rw-r--r-- 1 root root 1.4K Jan 2 19:23 .mailfilter~ -rw-r--r-- 1 vmail vmail 675 Apr 18 2010 .profile drwxr-xr-x 12 vmail vmail 4.0K Nov 23 2010 example.com drwxr-xr-x 2 root root 4.0K Nov 9 2010 mailfilters drwxr-xr-x 8 vmail vmail 4.0K Apr 3 2011 example2.com Try changing the permissions on those directories to match my example above, e.g.: Code: # chown -R vmail:vmail /var/vmail/xanderit.com # chmod -R 755 /var/vmail/xanderit.com and any other changes that may be necessary. Concerning the warning that you received while installing Dovecot: This seems expected because the "root" user should own /usr/lib/dovecot (and clearly, Dovecot setup was not creating a user named "root"). Glad you posted the DNS records. Those shouldn't be there. From what I understand, and based on previous posts in this thread, you pointed your domain's nameservers back to the hosting provider's servers (ns1 and ns2.digitalpacific.com.au). If that is the case, then there is no point in making the same entries within ISPConfig and Bind. As I said earlier, I don't use Bind or ISPConfig's interface for it, so I don't know if the presence of those records could be interfering in any way, but I would delete them. (The DNS records look correct, if you were to be running your own nameservers, by the way.) You didn't say whether you found anything relevant in /var/log/auth.log around 10:38PM Eastern...
I removed the NS entries from ISPConfig... Code: # chown -R vmail:vmail /var/vmail/xanderit.com # chmod -R 755 /var/vmail/xanderit.com Code: ls -lah /var/vmail total 24K drwxr-xr-x 5 root root 4.0K Jan 15 15:20 . drwxr-xr-x 17 root root 4.0K Jan 15 00:30 .. -rw------- 1 vmail vmail 1.5K Jan 14 11:46 .mailfilter drwxr-xr-x 4 root root 4.0K Jan 15 15:20 mailfilters drwxr-xr-x 3 vmail vmail 4.0K Jan 14 17:55 urbancampsite.com drwxr-xr-x 5 vmail vmail 4.0K Jan 20 12:46 xanderit.com
from /var/log/auth.log Code: Jan 20 12:18:33 25612-21212 sshd[3706]: reverse mapping checking getaddrinfo for acupfulloftea1a.com [174.139.64.2] failed - POSSIBLE BREAK-IN ATTEMPT! Jan 20 12:18:33 25612-21212 sshd[3706]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.139.64.2 user=bin Jan 20 12:18:36 25612-21212 sshd[3706]: Failed password for bin from 174.139.64.2 port 44057 ssh2 Jan 20 12:18:37 25612-21212 sshd[3708]: reverse mapping checking getaddrinfo for acupfulloftea1a.com [174.139.64.2] failed - POSSIBLE BREAK-IN ATTEMPT! Jan 20 12:18:37 25612-21212 sshd[3708]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.139.64.2 user=root Jan 20 12:18:39 25612-21212 sshd[3708]: Failed password for root from 174.139.64.2 port 45105 ssh2 Jan 20 12:18:41 25612-21212 sshd[3712]: reverse mapping checking getaddrinfo for acupfulloftea1a.com [174.139.64.2] failed - POSSIBLE BREAK-IN ATTEMPT! Jan 20 12:18:41 25612-21212 sshd[3712]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.139.64.2 user=root Jan 20 12:18:43 25612-21212 sshd[3712]: Failed password for root from 174.139.64.2 port 46102 ssh2 Jan 20 12:18:44 25612-21212 sshd[3714]: reverse mapping checking getaddrinfo for acupfulloftea1a.com [174.139.64.2] failed - POSSIBLE BREAK-IN ATTEMPT! Jan 20 12:18:44 25612-21212 sshd[3714]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.139.64.2 user=root Jan 20 12:18:47 25612-21212 sshd[3714]: Failed password for root from 174.139.64.2 port 47107 ssh2 Jan 20 12:18:48 25612-21212 sshd[3716]: reverse mapping checking getaddrinfo for acupfulloftea1a.com [174.139.64.2] failed - POSSIBLE BREAK-IN ATTEMPT! Jan 20 12:18:48 25612-21212 sshd[3716]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.139.64.2 user=root Jan 20 12:18:50 25612-21212 sshd[3716]: Failed password for root from 174.139.64.2 port 48202 ssh2 Jan 20 12:18:52 25612-21212 sshd[3718]: reverse mapping checking getaddrinfo for acupfulloftea1a.com [174.139.64.2] failed - POSSIBLE BREAK-IN ATTEMPT! Jan 20 12:18:52 25612-21212 sshd[3718]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.139.64.2 user=root Jan 20 12:18:53 25612-21212 sshd[3718]: Failed password for root from 174.139.64.2 port 49200 ssh2 Jan 20 12:19:01 25612-21212 CRON[3728]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:19:01 25612-21212 CRON[3728]: pam_unix(cron:session): session closed for user root Jan 20 12:20:01 25612-21212 CRON[3752]: pam_unix(cron:session): session opened for user smmsp by (uid=0) Jan 20 12:20:01 25612-21212 CRON[3754]: pam_unix(cron:session): session opened for user www-data by (uid=0) Jan 20 12:20:01 25612-21212 CRON[3757]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:20:01 25612-21212 CRON[3756]: pam_unix(cron:session): session opened for user getmail by (uid=0) Jan 20 12:20:01 25612-21212 CRON[3754]: pam_unix(cron:session): session closed for user www-data Jan 20 12:20:01 25612-21212 CRON[3756]: pam_unix(cron:session): session closed for user getmail Jan 20 12:20:01 25612-21212 CRON[3752]: pam_unix(cron:session): session closed for user smmsp Jan 20 12:20:01 25612-21212 postfix/smtpd[3803]: sql auxprop plugin using mysql engine Jan 20 12:20:02 25612-21212 CRON[3757]: pam_unix(cron:session): session closed for user root Jan 20 12:20:02 25612-21212 postfix/smtpd[3830]: sql auxprop plugin using mysql engine Jan 20 12:21:01 25612-21212 CRON[3840]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:21:01 25612-21212 CRON[3840]: pam_unix(cron:session): session closed for user root Jan 20 12:22:01 25612-21212 CRON[3846]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:22:01 25612-21212 CRON[3846]: pam_unix(cron:session): session closed for user root Jan 20 12:23:01 25612-21212 CRON[3852]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:23:01 25612-21212 CRON[3852]: pam_unix(cron:session): session closed for user root Jan 20 12:24:01 25612-21212 CRON[3858]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:24:01 25612-21212 CRON[3858]: pam_unix(cron:session): session closed for user root Jan 20 12:25:01 25612-21212 CRON[3882]: pam_unix(cron:session): session opened for user getmail by (uid=0) Jan 20 12:25:01 25612-21212 CRON[3883]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:25:01 25612-21212 CRON[3882]: pam_unix(cron:session): session closed for user getmail Jan 20 12:25:01 25612-21212 postfix/smtpd[3906]: sql auxprop plugin using mysql engine Jan 20 12:25:01 25612-21212 CRON[3883]: pam_unix(cron:session): session closed for user root Jan 20 12:26:01 25612-21212 CRON[3987]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:26:01 25612-21212 CRON[3987]: pam_unix(cron:session): session closed for user root Jan 20 12:27:01 25612-21212 CRON[3993]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:27:01 25612-21212 CRON[3993]: pam_unix(cron:session): session closed for user root Jan 20 12:28:01 25612-21212 CRON[3999]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:28:01 25612-21212 CRON[3999]: pam_unix(cron:session): session closed for user root Jan 20 12:29:01 25612-21212 CRON[4011]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:29:01 25612-21212 CRON[4011]: pam_unix(cron:session): session closed for user root Jan 20 12:30:01 25612-21212 CRON[4035]: pam_unix(cron:session): session opened for user www-data by (uid=0) Jan 20 12:30:01 25612-21212 CRON[4037]: pam_unix(cron:session): session opened for user getmail by (uid=0) Jan 20 12:30:01 25612-21212 CRON[4039]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:30:01 25612-21212 CRON[4035]: pam_unix(cron:session): session closed for user www-data Jan 20 12:30:01 25612-21212 CRON[4037]: pam_unix(cron:session): session closed for user getmail Jan 20 12:30:01 25612-21212 postfix/smtpd[4064]: sql auxprop plugin using mysql engine Jan 20 12:30:02 25612-21212 CRON[4039]: pam_unix(cron:session): session closed for user root Jan 20 12:31:01 25612-21212 CRON[4091]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:31:01 25612-21212 CRON[4091]: pam_unix(cron:session): session closed for user root Jan 20 12:32:01 25612-21212 CRON[5129]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:32:01 25612-21212 CRON[5129]: pam_unix(cron:session): session closed for user root Jan 20 12:33:01 25612-21212 CRON[5134]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:33:01 25612-21212 CRON[5134]: pam_unix(cron:session): session closed for user root Jan 20 12:34:01 25612-21212 CRON[5140]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:34:01 25612-21212 CRON[5140]: pam_unix(cron:session): session closed for user root Jan 20 12:35:01 25612-21212 CRON[5164]: pam_unix(cron:session): session opened for user getmail by (uid=0) Jan 20 12:35:01 25612-21212 CRON[5166]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:35:01 25612-21212 CRON[5164]: pam_unix(cron:session): session closed for user getmail Jan 20 12:35:01 25612-21212 postfix/smtpd[5188]: sql auxprop plugin using mysql engine Jan 20 12:35:01 25612-21212 CRON[5166]: pam_unix(cron:session): session closed for user root Jan 20 12:36:01 25612-21212 CRON[5271]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:36:01 25612-21212 CRON[5271]: pam_unix(cron:session): session closed for user root Jan 20 12:37:01 25612-21212 CRON[5277]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:37:02 25612-21212 CRON[5277]: pam_unix(cron:session): session closed for user root Jan 20 12:38:01 25612-21212 CRON[5283]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:38:01 25612-21212 CRON[5283]: pam_unix(cron:session): session closed for user root Jan 20 12:39:01 25612-21212 CRON[5289]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:39:01 25612-21212 CRON[5291]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:39:01 25612-21212 CRON[5291]: pam_unix(cron:session): session closed for user root Jan 20 12:39:01 25612-21212 CRON[5289]: pam_unix(cron:session): session closed for user root Jan 20 12:40:01 25612-21212 CRON[5318]: pam_unix(cron:session): session opened for user smmsp by (uid=0) Jan 20 12:40:01 25612-21212 CRON[5322]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:40:01 25612-21212 CRON[5320]: pam_unix(cron:session): session opened for user www-data by (uid=0) Jan 20 12:40:01 25612-21212 CRON[5321]: pam_unix(cron:session): session opened for user getmail by (uid=0) Jan 20 12:40:01 25612-21212 CRON[5320]: pam_unix(cron:session): session closed for user www-data Jan 20 12:40:01 25612-21212 CRON[5321]: pam_unix(cron:session): session closed for user getmail Jan 20 12:40:01 25612-21212 postfix/smtpd[5372]: sql auxprop plugin using mysql engine Jan 20 12:40:01 25612-21212 CRON[5318]: pam_unix(cron:session): session closed for user smmsp Jan 20 12:40:01 25612-21212 CRON[5322]: pam_unix(cron:session): session closed for user root Jan 20 12:40:01 25612-21212 postfix/smtpd[5401]: sql auxprop plugin using mysql engine Jan 20 12:41:01 25612-21212 CRON[5408]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:41:01 25612-21212 CRON[5408]: pam_unix(cron:session): session closed for user root Jan 20 12:42:01 25612-21212 CRON[5414]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:42:01 25612-21212 CRON[5414]: pam_unix(cron:session): session closed for user root Jan 20 12:43:01 25612-21212 CRON[5420]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:43:01 25612-21212 CRON[5420]: pam_unix(cron:session): session closed for user root Jan 20 12:44:01 25612-21212 CRON[5426]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:44:01 25612-21212 CRON[5426]: pam_unix(cron:session): session closed for user root Jan 20 12:45:01 25612-21212 CRON[5432]: pam_unix(cron:session): session opened for user getmail by (uid=0) Jan 20 12:45:01 25612-21212 CRON[5433]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:45:01 25612-21212 CRON[5432]: pam_unix(cron:session): session closed for user getmail Jan 20 12:45:01 25612-21212 postfix/smtpd[5459]: sql auxprop plugin using mysql engine Jan 20 12:45:01 25612-21212 CRON[5433]: pam_unix(cron:session): session closed for user root Jan 20 12:46:01 25612-21212 CRON[5562]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:46:01 25612-21212 su[5568]: Successful su for vmail by root Jan 20 12:46:01 25612-21212 su[5568]: + ??? root:vmail Jan 20 12:46:01 25612-21212 su[5568]: pam_env(su:session): Unable to open env file: /etc/default/locale: No such file or directory Jan 20 12:46:01 25612-21212 su[5568]: pam_unix(su:session): session opened for user vmail by (uid=0) Jan 20 12:46:01 25612-21212 su[5568]: pam_unix(su:session): session closed for user vmail Jan 20 12:46:01 25612-21212 CRON[5562]: pam_unix(cron:session): session closed for user root Jan 20 12:47:01 25612-21212 CRON[5592]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:47:02 25612-21212 CRON[5592]: pam_unix(cron:session): session closed for user root Jan 20 12:48:01 25612-21212 CRON[5597]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:48:01 25612-21212 CRON[5597]: pam_unix(cron:session): session closed for user root Jan 20 12:49:01 25612-21212 CRON[5603]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:49:01 25612-21212 CRON[5603]: pam_unix(cron:session): session closed for user root Jan 20 12:50:01 25612-21212 CRON[5609]: pam_unix(cron:session): session opened for user www-data by (uid=0) Jan 20 12:50:01 25612-21212 CRON[5610]: pam_unix(cron:session): session opened for user getmail by (uid=0) Jan 20 12:50:01 25612-21212 CRON[5609]: pam_unix(cron:session): session closed for user www-data Jan 20 12:50:01 25612-21212 CRON[5613]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:50:01 25612-21212 CRON[5610]: pam_unix(cron:session): session closed for user getmail Jan 20 12:50:01 25612-21212 postfix/smtpd[5636]: sql auxprop plugin using mysql engine Jan 20 12:50:01 25612-21212 CRON[5613]: pam_unix(cron:session): session closed for user root Jan 20 12:51:01 25612-21212 CRON[5680]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:51:01 25612-21212 CRON[5680]: pam_unix(cron:session): session closed for user root Jan 20 12:52:01 25612-21212 CRON[5687]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:52:01 25612-21212 CRON[5687]: pam_unix(cron:session): session closed for user root Jan 20 12:53:01 25612-21212 CRON[5693]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:53:01 25612-21212 CRON[5693]: pam_unix(cron:session): session closed for user root Jan 20 12:54:01 25612-21212 CRON[5699]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:54:01 25612-21212 CRON[5699]: pam_unix(cron:session): session closed for user root Jan 20 12:55:01 25612-21212 CRON[5704]: pam_unix(cron:session): session opened for user getmail by (uid=0) Jan 20 12:55:01 25612-21212 CRON[5706]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:55:01 25612-21212 CRON[5704]: pam_unix(cron:session): session closed for user getmail Jan 20 12:55:01 25612-21212 postfix/smtpd[5728]: sql auxprop plugin using mysql engine Jan 20 12:55:01 25612-21212 CRON[5706]: pam_unix(cron:session): session closed for user root Jan 20 12:56:01 25612-21212 CRON[5832]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:56:01 25612-21212 CRON[5832]: pam_unix(cron:session): session closed for user root Jan 20 12:57:01 25612-21212 CRON[5838]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:57:01 25612-21212 CRON[5840]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:57:01 25612-21212 CRON[5838]: pam_unix(cron:session): session closed for user root Jan 20 12:57:01 25612-21212 CRON[5840]: pam_unix(cron:session): session closed for user root Jan 20 12:58:01 25612-21212 CRON[5847]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:58:01 25612-21212 CRON[5847]: pam_unix(cron:session): session closed for user root Jan 20 12:59:01 25612-21212 CRON[5853]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 12:59:01 25612-21212 CRON[5853]: pam_unix(cron:session): session closed for user root Jan 20 13:00:01 25612-21212 CRON[5859]: pam_unix(cron:session): session opened for user smmsp by (uid=0) Jan 20 13:00:01 25612-21212 CRON[5861]: pam_unix(cron:session): session opened for user www-data by (uid=0) Jan 20 13:00:01 25612-21212 CRON[5863]: pam_unix(cron:session): session opened for user getmail by (uid=0) Jan 20 13:00:01 25612-21212 CRON[5864]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:00:01 25612-21212 CRON[5861]: pam_unix(cron:session): session closed for user www-data Jan 20 13:00:01 25612-21212 CRON[5863]: pam_unix(cron:session): session closed for user getmail Jan 20 13:00:02 25612-21212 postfix/smtpd[5910]: sql auxprop plugin using mysql engine Jan 20 13:00:02 25612-21212 CRON[5859]: pam_unix(cron:session): session closed for user smmsp Jan 20 13:00:06 25612-21212 postfix/smtpd[5940]: sql auxprop plugin using mysql engine Jan 20 13:00:08 25612-21212 CRON[5864]: pam_unix(cron:session): session closed for user root Jan 20 13:01:01 25612-21212 CRON[5978]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:01:01 25612-21212 CRON[5978]: pam_unix(cron:session): session closed for user root Jan 20 13:02:01 25612-21212 CRON[5983]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:02:01 25612-21212 CRON[5983]: pam_unix(cron:session): session closed for user root Jan 20 13:03:01 25612-21212 CRON[5989]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:03:01 25612-21212 CRON[5989]: pam_unix(cron:session): session closed for user root Jan 20 13:04:01 25612-21212 CRON[5995]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:04:01 25612-21212 CRON[5995]: pam_unix(cron:session): session closed for user root Jan 20 13:05:01 25612-21212 CRON[6001]: pam_unix(cron:session): session opened for user getmail by (uid=0) Jan 20 13:05:01 25612-21212 CRON[6003]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:05:01 25612-21212 CRON[6001]: pam_unix(cron:session): session closed for user getmail Jan 20 13:05:01 25612-21212 postfix/smtpd[6025]: sql auxprop plugin using mysql engine Jan 20 13:05:02 25612-21212 CRON[6003]: pam_unix(cron:session): session closed for user root Jan 20 13:06:01 25612-21212 CRON[6127]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:06:01 25612-21212 CRON[6127]: pam_unix(cron:session): session closed for user root Jan 20 13:07:01 25612-21212 CRON[6133]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:07:01 25612-21212 CRON[6133]: pam_unix(cron:session): session closed for user root Jan 20 13:08:01 25612-21212 CRON[6138]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:08:01 25612-21212 CRON[6138]: pam_unix(cron:session): session closed for user root Jan 20 13:09:01 25612-21212 CRON[7169]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:09:01 25612-21212 CRON[7168]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:09:01 25612-21212 CRON[7168]: pam_unix(cron:session): session closed for user root Jan 20 13:09:01 25612-21212 CRON[7169]: pam_unix(cron:session): session closed for user root Jan 20 13:09:33 25612-21212 postfix/smtpd[7232]: sql auxprop plugin using mysql engine Jan 20 13:09:33 25612-21212 postfix/smtpd[7234]: sql auxprop plugin using mysql engine Jan 20 13:09:33 25612-21212 postfix/smtpd[7235]: sql auxprop plugin using mysql engine Jan 20 13:09:33 25612-21212 postfix/smtpd[7236]: sql auxprop plugin using mysql engine Jan 20 13:10:01 25612-21212 CRON[7238]: pam_unix(cron:session): session opened for user www-data by (uid=0) Jan 20 13:10:01 25612-21212 CRON[7239]: pam_unix(cron:session): session opened for user getmail by (uid=0) Jan 20 13:10:01 25612-21212 CRON[7238]: pam_unix(cron:session): session closed for user www-data Jan 20 13:10:01 25612-21212 CRON[7243]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:10:01 25612-21212 CRON[7239]: pam_unix(cron:session): session closed for user getmail Jan 20 13:10:01 25612-21212 CRON[7243]: pam_unix(cron:session): session closed for user root Jan 20 13:11:01 25612-21212 CRON[7308]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:11:01 25612-21212 CRON[7308]: pam_unix(cron:session): session closed for user root Jan 20 13:11:46 25612-21212 sshd[7319]: Did not receive identification string from 202.47.160.12 Jan 20 13:12:01 25612-21212 CRON[7332]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:12:01 25612-21212 CRON[7332]: pam_unix(cron:session): session closed for user root Jan 20 13:13:01 25612-21212 CRON[7350]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:13:01 25612-21212 CRON[7350]: pam_unix(cron:session): session closed for user root Jan 20 13:14:01 25612-21212 CRON[7356]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:14:01 25612-21212 CRON[7356]: pam_unix(cron:session): session closed for user root Jan 20 13:15:01 25612-21212 CRON[7363]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:15:01 25612-21212 CRON[7362]: pam_unix(cron:session): session opened for user getmail by (uid=0) Jan 20 13:15:01 25612-21212 CRON[7362]: pam_unix(cron:session): session closed for user getmail Jan 20 13:15:01 25612-21212 postfix/smtpd[7390]: sql auxprop plugin using mysql engine Jan 20 13:15:01 25612-21212 CRON[7363]: pam_unix(cron:session): session closed for user root Jan 20 13:16:01 25612-21212 CRON[7491]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:16:01 25612-21212 CRON[7491]: pam_unix(cron:session): session closed for user root Jan 20 13:17:01 25612-21212 CRON[7500]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:17:01 25612-21212 CRON[7500]: pam_unix(cron:session): session closed for user root Jan 20 13:18:01 25612-21212 CRON[7506]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:18:02 25612-21212 CRON[7506]: pam_unix(cron:session): session closed for user root Jan 20 13:19:01 25612-21212 CRON[7524]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:19:01 25612-21212 CRON[7524]: pam_unix(cron:session): session closed for user root Jan 20 13:19:56 25612-21212 postfix/smtpd[7530]: sql auxprop plugin using mysql engine Jan 20 13:19:58 25612-21212 postfix/smtpd[7533]: sql auxprop plugin using mysql engine Jan 20 13:20:01 25612-21212 CRON[7534]: pam_unix(cron:session): session opened for user smmsp by (uid=0) Jan 20 13:20:01 25612-21212 CRON[7536]: pam_unix(cron:session): session opened for user www-data by (uid=0) Jan 20 13:20:01 25612-21212 CRON[7536]: pam_unix(cron:session): session closed for user www-data Jan 20 13:20:01 25612-21212 CRON[7537]: pam_unix(cron:session): session opened for user getmail by (uid=0) Jan 20 13:20:01 25612-21212 CRON[7539]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:20:01 25612-21212 CRON[7537]: pam_unix(cron:session): session closed for user getmail Jan 20 13:20:01 25612-21212 CRON[7534]: pam_unix(cron:session): session closed for user smmsp Jan 20 13:20:01 25612-21212 CRON[7539]: pam_unix(cron:session): session closed for user root Jan 20 13:20:01 25612-21212 postfix/smtpd[7610]: sql auxprop plugin using mysql engine Jan 20 13:21:01 25612-21212 CRON[7634]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:21:01 25612-21212 CRON[7634]: pam_unix(cron:session): session closed for user root Jan 20 13:22:01 25612-21212 CRON[7670]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:22:01 25612-21212 CRON[7670]: pam_unix(cron:session): session closed for user root Jan 20 13:23:01 25612-21212 CRON[7687]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:23:01 25612-21212 CRON[7687]: pam_unix(cron:session): session closed for user root Jan 20 13:24:01 25612-21212 CRON[7695]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:24:01 25612-21212 CRON[7695]: pam_unix(cron:session): session closed for user root Jan 20 13:25:01 25612-21212 CRON[7701]: pam_unix(cron:session): session opened for user getmail by (uid=0) Jan 20 13:25:01 25612-21212 CRON[7703]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:25:01 25612-21212 CRON[7701]: pam_unix(cron:session): session closed for user getmail Jan 20 13:25:01 25612-21212 postfix/smtpd[7725]: sql auxprop plugin using mysql engine Jan 20 13:25:01 25612-21212 CRON[7703]: pam_unix(cron:session): session closed for user root Jan 20 13:26:01 25612-21212 CRON[7810]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:26:01 25612-21212 CRON[7810]: pam_unix(cron:session): session closed for user root Jan 20 13:26:07 25612-21212 sshd[7815]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.47.160.12 user=root Jan 20 13:26:08 25612-21212 sshd[7815]: Failed password for root from 202.47.160.12 port 46892 ssh2 Jan 20 13:26:12 25612-21212 sshd[7817]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.47.160.12 user=root Jan 20 13:26:14 25612-21212 sshd[7817]: Failed password for root from 202.47.160.12 port 46983 ssh2 Jan 20 13:26:16 25612-21212 sshd[7820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.47.160.12 user=root Jan 20 13:26:18 25612-21212 sshd[7820]: Failed password for root from 202.47.160.12 port 47092 ssh2 Jan 20 13:26:20 25612-21212 sshd[7822]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.47.160.12 user=root Jan 20 13:26:22 25612-21212 sshd[7822]: Failed password for root from 202.47.160.12 port 47190 ssh2 Jan 20 13:26:25 25612-21212 sshd[7857]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.47.160.12 user=root Jan 20 13:26:26 25612-21212 sshd[7857]: Failed password for root from 202.47.160.12 port 47283 ssh2 Jan 20 13:26:29 25612-21212 sshd[7987]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.47.160.12 user=root Jan 20 13:26:31 25612-21212 groupadd[9365]: group added to /etc/group: name=dovecot, GID=120 Jan 20 13:26:31 25612-21212 groupadd[9365]: group added to /etc/gshadow: name=dovecot Jan 20 13:26:31 25612-21212 groupadd[9365]: new group: name=dovecot, GID=120 Jan 20 13:26:31 25612-21212 useradd[9369]: new user: name=dovecot, UID=115, GID=120, home=/usr/lib/dovecot, shell=/bin/false Jan 20 13:26:31 25612-21212 usermod[9374]: change user 'dovecot' password Jan 20 13:26:31 25612-21212 chage[9379]: changed password expiry for dovecot Jan 20 13:26:31 25612-21212 sshd[7987]: Failed password for root from 202.47.160.12 port 47378 ssh2 Jan 20 13:26:31 25612-21212 chfn[9382]: changed user 'dovecot' information Jan 20 13:27:01 25612-21212 CRON[9577]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:27:01 25612-21212 CRON[9577]: pam_unix(cron:session): session closed for user root Jan 20 13:28:01 25612-21212 CRON[9583]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:28:01 25612-21212 CRON[9583]: pam_unix(cron:session): session closed for user root Jan 20 13:29:01 25612-21212 CRON[9589]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:29:01 25612-21212 CRON[9589]: pam_unix(cron:session): session closed for user root Jan 20 13:30:01 25612-21212 CRON[9594]: pam_unix(cron:session): session opened for user www-data by (uid=0) Jan 20 13:30:01 25612-21212 CRON[9596]: pam_unix(cron:session): session opened for user getmail by (uid=0) Jan 20 13:30:01 25612-21212 CRON[9598]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:30:01 25612-21212 CRON[9594]: pam_unix(cron:session): session closed for user www-data Jan 20 13:30:01 25612-21212 CRON[9596]: pam_unix(cron:session): session closed for user getmail Jan 20 13:30:02 25612-21212 postfix/smtpd[9624]: sql auxprop plugin using mysql engine Jan 20 13:30:02 25612-21212 CRON[9598]: pam_unix(cron:session): session closed for user root Jan 20 13:31:01 25612-21212 CRON[9651]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:31:01 25612-21212 CRON[9651]: pam_unix(cron:session): session closed for user root Jan 20 13:32:01 25612-21212 CRON[9679]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:32:01 25612-21212 CRON[9679]: pam_unix(cron:session): session closed for user root Jan 20 13:33:01 25612-21212 CRON[9686]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:33:01 25612-21212 CRON[9686]: pam_unix(cron:session): session closed for user root Jan 20 13:34:01 25612-21212 CRON[9692]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:34:01 25612-21212 CRON[9692]: pam_unix(cron:session): session closed for user root Jan 20 13:35:01 25612-21212 CRON[9698]: pam_unix(cron:session): session opened for user getmail by (uid=0) Jan 20 13:35:01 25612-21212 CRON[9699]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:35:01 25612-21212 CRON[9698]: pam_unix(cron:session): session closed for user getmail Jan 20 13:35:01 25612-21212 postfix/smtpd[9722]: sql auxprop plugin using mysql engine Jan 20 13:35:01 25612-21212 CRON[9699]: pam_unix(cron:session): session closed for user root Jan 20 13:36:01 25612-21212 CRON[9805]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:36:01 25612-21212 CRON[9805]: pam_unix(cron:session): session closed for user root Jan 20 13:37:01 25612-21212 CRON[9834]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:37:01 25612-21212 CRON[9834]: pam_unix(cron:session): session closed for user root Jan 20 13:38:01 25612-21212 CRON[9840]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:38:01 25612-21212 CRON[9840]: pam_unix(cron:session): session closed for user root Jan 20 13:39:01 25612-21212 CRON[9846]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:39:01 25612-21212 CRON[9847]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:39:01 25612-21212 CRON[9846]: pam_unix(cron:session): session closed for user root Jan 20 13:39:01 25612-21212 CRON[9847]: pam_unix(cron:session): session closed for user root Jan 20 13:40:01 25612-21212 CRON[9998]: pam_unix(cron:session): session opened for user smmsp by (uid=0) Jan 20 13:40:01 25612-21212 CRON[10000]: pam_unix(cron:session): session opened for user www-data by (uid=0) Jan 20 13:40:01 25612-21212 CRON[10003]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:40:01 25612-21212 CRON[10001]: pam_unix(cron:session): session opened for user getmail by (uid=0) Jan 20 13:40:01 25612-21212 CRON[10000]: pam_unix(cron:session): session closed for user www-data Jan 20 13:40:01 25612-21212 CRON[10001]: pam_unix(cron:session): session closed for user getmail Jan 20 13:40:01 25612-21212 CRON[9998]: pam_unix(cron:session): session closed for user smmsp Jan 20 13:40:01 25612-21212 postfix/smtpd[10045]: sql auxprop plugin using mysql engine Jan 20 13:40:02 25612-21212 CRON[10003]: pam_unix(cron:session): session closed for user root Jan 20 13:40:02 25612-21212 postfix/smtpd[10075]: sql auxprop plugin using mysql engine Jan 20 13:41:01 25612-21212 CRON[10082]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:41:01 25612-21212 CRON[10082]: pam_unix(cron:session): session closed for user root Jan 20 13:42:01 25612-21212 CRON[10106]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:42:01 25612-21212 CRON[10106]: pam_unix(cron:session): session closed for user root Jan 20 13:43:01 25612-21212 CRON[10115]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:43:01 25612-21212 CRON[10115]: pam_unix(cron:session): session closed for user root Jan 20 13:44:01 25612-21212 CRON[10121]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:44:01 25612-21212 CRON[10121]: pam_unix(cron:session): session closed for user root Jan 20 13:45:01 25612-21212 CRON[10186]: pam_unix(cron:session): session opened for user getmail by (uid=0) Jan 20 13:45:01 25612-21212 CRON[10187]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:45:01 25612-21212 CRON[10186]: pam_unix(cron:session): session closed for user getmail Jan 20 13:45:01 25612-21212 postfix/smtpd[10214]: sql auxprop plugin using mysql engine Jan 20 13:45:01 25612-21212 CRON[10187]: pam_unix(cron:session): session closed for user root Jan 20 13:46:01 25612-21212 CRON[11266]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:46:01 25612-21212 CRON[11266]: pam_unix(cron:session): session closed for user root Jan 20 13:47:01 25612-21212 CRON[11273]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:47:01 25612-21212 CRON[11273]: pam_unix(cron:session): session closed for user root Jan 20 13:47:10 25612-21212 dovecot-auth: pam_unix(dovecot:auth): check pass; user unknown Jan 20 13:47:10 25612-21212 dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot [email protected] rhost=76.179.0.31 Jan 20 13:47:19 25612-21212 dovecot-auth: pam_unix(dovecot:auth): check pass; user unknown Jan 20 13:47:19 25612-21212 dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot [email protected] rhost=76.179.0.31 Jan 20 13:48:01 25612-21212 CRON[11298]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:48:01 25612-21212 CRON[11298]: pam_unix(cron:session): session closed for user root Jan 20 13:49:01 25612-21212 CRON[11304]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:49:01 25612-21212 CRON[11304]: pam_unix(cron:session): session closed for user root Jan 20 13:50:01 25612-21212 CRON[11315]: pam_unix(cron:session): session opened for user www-data by (uid=0) Jan 20 13:50:01 25612-21212 CRON[11317]: pam_unix(cron:session): session opened for user getmail by (uid=0) Jan 20 13:50:01 25612-21212 CRON[11319]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:50:01 25612-21212 CRON[11315]: pam_unix(cron:session): session closed for user www-data Jan 20 13:50:01 25612-21212 CRON[11317]: pam_unix(cron:session): session closed for user getmail Jan 20 13:50:01 25612-21212 postfix/smtpd[11341]: sql auxprop plugin using mysql engine Jan 20 13:50:02 25612-21212 CRON[11319]: pam_unix(cron:session): session closed for user root Jan 20 13:51:01 25612-21212 CRON[11500]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:51:01 25612-21212 CRON[11500]: pam_unix(cron:session): session closed for user root Jan 20 13:52:01 25612-21212 CRON[11507]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:52:01 25612-21212 CRON[11507]: pam_unix(cron:session): session closed for user root Jan 20 13:52:26 25612-21212 dovecot-auth: pam_unix(dovecot:auth): check pass; user unknown Jan 20 13:52:26 25612-21212 dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot [email protected] rhost=76.179.0.31 Jan 20 13:52:35 25612-21212 dovecot-auth: pam_unix(dovecot:auth): check pass; user unknown Jan 20 13:52:35 25612-21212 dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot [email protected] rhost=76.179.0.31 Jan 20 13:53:01 25612-21212 CRON[11533]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:53:01 25612-21212 CRON[11533]: pam_unix(cron:session): session closed for user root Jan 20 13:54:01 25612-21212 CRON[11539]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:54:01 25612-21212 CRON[11539]: pam_unix(cron:session): session closed for user root Jan 20 13:55:01 25612-21212 CRON[11545]: pam_unix(cron:session): session opened for user getmail by (uid=0) Jan 20 13:55:01 25612-21212 CRON[11546]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:55:01 25612-21212 CRON[11545]: pam_unix(cron:session): session closed for user getmail Jan 20 13:55:01 25612-21212 postfix/smtpd[11570]: sql auxprop plugin using mysql engine Jan 20 13:55:01 25612-21212 CRON[11546]: pam_unix(cron:session): session closed for user root Jan 20 13:56:01 25612-21212 CRON[11657]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:56:01 25612-21212 CRON[11657]: pam_unix(cron:session): session closed for user root Jan 20 13:57:01 25612-21212 CRON[11663]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:57:01 25612-21212 CRON[11664]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:57:01 25612-21212 CRON[11663]: pam_unix(cron:session): session closed for user root Jan 20 13:57:01 25612-21212 CRON[11664]: pam_unix(cron:session): session closed for user root Jan 20 13:58:01 25612-21212 CRON[12052]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:58:01 25612-21212 CRON[12052]: pam_unix(cron:session): session closed for user root Jan 20 13:59:01 25612-21212 CRON[13328]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 13:59:01 25612-21212 CRON[13328]: pam_unix(cron:session): session closed for user root Jan 20 14:00:01 25612-21212 CRON[13334]: pam_unix(cron:session): session opened for user smmsp by (uid=0) Jan 20 14:00:01 25612-21212 CRON[13336]: pam_unix(cron:session): session opened for user www-data by (uid=0) Jan 20 14:00:01 25612-21212 CRON[13337]: pam_unix(cron:session): session opened for user getmail by (uid=0) Jan 20 14:00:01 25612-21212 CRON[13338]: pam_unix(cron:session): session opened for user root by (uid=0) Jan 20 14:00:01 25612-21212 CRON[13336]: pam_unix(cron:session): session closed for user www-data Jan 20 14:00:01 25612-21212 CRON[13337]: pam_unix(cron:session): session closed for user getmail