Hello, in my ISP panel in email warning I can see information like warning: unknown[45.133.99.7]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 So i guess that means someone tried to login to mail server? I am using Fail2Ban too, try change this in /etc/fail2ban/jail.d/defaults-debian.confhttps://serverfault.com/questions/2...ication-failed-ugfzc3dvcmq6-find-the-username But still i can see this logs. What is the best solution here? Maybe i should change something in postfix settings?
In final maybe this little solve this problem. I try to chceck fail2ban log and from time of change a can see there a few records as 2020-04-03 22:24:46,408 fail2ban.filter [1029]: INFO [postfix-sasl] Found 78.128.113.73 2020-04-03 22:25:10,343 fail2ban.filter [1029]: INFO [postfix-sasl] Found 78.128.113.73 Just about 7. Other records looks like 2020-04-03 21:56:19,642 fail2ban.filter [1029]: INFO [sshd] Found 222.186.30.35 EDIT. Final i can see more attemps with same error, but maybe less then before. If someone have any idea, i will be happy Thats just warning, not fatal error, so this is not so important i hope.
Using Internet Search Engines with Code: SASL LOGIN authentication failed: UGFzc3dvcmQ6 You find this: https://www.howtoforge.com/communit...ogin-authentication-failed.75224/#post-354145