Hello I have followed the your guide for a perfect server on ubuntu 20. All works fine except for the email. All ports are opened, trying to send using port 25 the email is delivered but marked as spam. So, I'm trying to use STARTTLS without success. Follow my configuration: telnet test (tried with hosts: localhost, 104.248.91.55, mail.apedesign.net. Always get error: 'Connection closed by foreign host.') Code: root@ape-design-host:~# telnet mail.apedesign.net 587 Trying 104.248.91.55... Connected to mail.apedesign.net. Escape character is '^]'. 220 ape-design-host.apedesign.net ESMTP Postfix (Ubuntu) EHLO ape-design-host.apedesign.net 250-ape-design-host.apedesign.net 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-8BITMIME 250-DSN 250-SMTPUTF8 250 CHUNKING STARTTLS 220 2.0.0 Ready to start TLS AUTH LOGIN Connection closed by foreign host. ifconfig Code: eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 104.248.91.55 netmask 255.255.240.0 broadcast 104.248.95.255 inet6 fe80::c4b3:edff:fe22:ba5 prefixlen 64 scopeid 0x20<link> ether c6:b3:ed:22:0b:a5 txqueuelen 1000 (Ethernet) RX packets 921185 bytes 807806744 (807.8 MB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 877628 bytes 225848291 (225.8 MB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 10.110.0.2 netmask 255.255.240.0 broadcast 10.110.15.255 inet6 fe80::b4b8:1dff:feb2:c5f2 prefixlen 64 scopeid 0x20<link> ether b6:b8:1d:b2:c5:f2 txqueuelen 1000 (Ethernet) RX packets 223 bytes 10898 (10.8 KB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 53 bytes 3806 (3.8 KB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 1000 (Local Loopback) RX packets 135824 bytes 22111459 (22.1 MB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 135824 bytes 22111459 (22.1 MB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 /ets/hosts Code: 127.0.0.1 localhost.localdomain localhost 127.0.1.1 ape-design-host.apedesign.net ape-design-host 104.248.91.55 ape-design-host.apedesign.net ape-design-host # The following lines are desirable for IPv6 capable hosts ::1 ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters ff02::3 ip6-allhosts hostname Code: ape-design-host hostname -f Code: ape-design-host.apedesign.net
/etc/postfix/main.cf Code: sender_bcc_maps = proxy:mysql:/etc/postfix/mysql-virtual_outgoing_bcc.cf smtpd_sasl_auth_enable = yes broken_sasl_auth_clients = yes smtpd_sasl_authenticated_header = yes smtpd_restriction_classes = greylisting greylisting = check_policy_service inet:127.0.0.1:10023 smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, reject_unlisted_recipient, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_d> smtpd_use_tls = yes transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:/etc/postfix/mysql-virtual_transports.cf relay_domains = proxy:mysql:/etc/postfix/mysql-virtual_relaydomains.cf relay_recipient_maps = proxy:mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf smtpd_sender_login_maps = proxy:mysql:/etc/postfix/mysql-virtual_sender_login_maps.cf proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_> smtpd_helo_required = yes smtpd_helo_restrictions = reject_invalid_helo_hostname, permit_mynetworks, check_helo_access regexp:/etc/postfix/helo_access, permit_sasl_authenticated, reject_non_fqdn_helo_hostn> smtpd_sender_restrictions = check_sender_access regexp:/etc/postfix/tag_as_originating.re, permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_sender, check_sender_acces> smtpd_client_restrictions = check_client_access proxy:mysql:/etc/postfix/mysql-virtual_client.cf, permit_inet_interfaces, permit_mynetworks, reject_rbl_client zen.spamhaus.org, pe> smtpd_etrn_restrictions = permit_mynetworks, reject smtpd_data_restrictions = permit_mynetworks, reject_unauth_pipelining, reject_multi_recipient_bounce, permit smtpd_client_message_rate_limit = 100 maildrop_destination_concurrency_limit = 1 maildrop_destination_recipient_limit = 1 virtual_transport = dovecot header_checks = regexp:/etc/postfix/header_checks mime_header_checks = regexp:/etc/postfix/mime_header_checks nested_header_checks = regexp:/etc/postfix/nested_header_checks body_checks = regexp:/etc/postfix/body_checks owner_request_special = no smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3 smtpd_tls_protocols = !SSLv2,!SSLv3 smtp_tls_protocols = !SSLv2,!SSLv3 smtpd_tls_exclude_ciphers = RC4, aNULL smtp_tls_exclude_ciphers = RC4, aNULL smtpd_tls_mandatory_ciphers = medium tls_medium_cipherlist = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA> tls_preempt_cipherlist = no address_verify_negative_refresh_time = 60s enable_original_recipient = no smtpd_forbidden_commands = CONNECT,GET,POST,USER,PASS address_verify_sender_ttl = 15686s smtp_dns_support_level = dnssec dovecot_destination_recipient_limit = 1 smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth content_filter = lmtp:[127.0.0.1]:10024 receive_override_options = no_address_mappings #smtpd_sasl_security_options = noanonymous
/etc/postfix/master.cf Code: # # Postfix master process configuration file. For details on the format # of the file, see the master(5) manual page (command: "man 5 master" or # on-line: http://www.postfix.org/master.5.html). # # Do not forget to execute "postfix reload" after editing this file. # # ========================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (no) (never) (100) # ========================================================================== smtp inet n - y - - smtpd #smtp inet n - y - 1 postscreen #smtpd pass - - y - - smtpd #dnsblog unix - - y - 0 dnsblog #tlsproxy unix - - y - 0 tlsproxy submission inet n - y - - smtpd -o syslog_name=postfix/submission -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_tls_auth_only=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject # -o smtpd_reject_unlisted_recipient=no # -o smtpd_client_restrictions=$mua_client_restrictions # -o smtpd_helo_restrictions=$mua_helo_restrictions # -o smtpd_sender_restrictions=$mua_sender_restrictions # -o smtpd_recipient_restrictions= # -o smtpd_relay_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING smtps inet n - y - - smtpd -o syslog_name=postfix/smtps -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject # -o smtpd_reject_unlisted_recipient=no # -o smtpd_client_restrictions=$mua_client_restrictions # -o smtpd_helo_restrictions=$mua_helo_restrictions # -o smtpd_sender_restrictions=$mua_sender_restrictions # -o smtpd_recipient_restrictions= # -o smtpd_relay_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING #628 inet n - y - - qmqpd pickup unix n - y 60 1 pickup cleanup unix n - y - 0 cleanup qmgr unix n - n 300 1 qmgr #qmgr unix n - n 300 1 oqmgr tlsmgr unix - - y 1000? 1 tlsmgr rewrite unix - - y - - trivial-rewrite bounce unix - - y - 0 bounce defer unix - - y - 0 bounce trace unix - - y - 0 bounce verify unix - - y - 1 verify flush unix n - y 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - y - - smtp relay unix - - y - - smtp -o syslog_name=postfix/$service_name # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 showq unix n - y - - showq error unix - - y - - error retry unix - - y - - error discard unix - - y - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - y - - lmtp anvil unix - - y - 1 anvil scache unix - - y - 1 scache postlog unix-dgram n - n - 1 postlogd # # ==================================================================== # Interfaces to non-Postfix software. Be sure to examine the manual # pages of the non-Postfix software to find out what options it wants. # # Many of the following services use the Postfix pipe(8) delivery # agent. See the pipe(8) man page for information about ${recipient} # and other message envelope options. # ==================================================================== # # maildrop. See the Postfix MAILDROP_README file for details. # Also specify in main.cf: maildrop_destination_recipient_limit=1 # maildrop unix - n n - - pipe flags=DRhu user=vmail argv=/usr/bin/maildrop -d vmail ${extension} ${recipient} ${user} ${nexthop} ${sender} # # ==================================================================== # # Recent Cyrus versions can use the existing "lmtp" master.cf entry. # # Specify in cyrus.conf: # lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4 # # Specify in main.cf one or more of the following: # mailbox_transport = lmtp:inet:localhost # virtual_transport = lmtp:inet:localhost # # ==================================================================== # # Cyrus 2.1.5 (Amos Gouaux) # Also specify in main.cf: cyrus_destination_recipient_limit=1 # #cyrus unix - n n - - pipe # user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user} # # ==================================================================== # Old example of delivery via Cyrus. # #old-cyrus unix - n n - - pipe # flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user} # # ==================================================================== # # See the Postfix UUCP_README file for configuration details. # uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) # # Other external delivery methods. # ifmail unix - n n - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) bsmtp unix - n n - - pipe flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient scalemail-backend unix - n n - 2 pipe flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension} mailman unix - n n - - pipe flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user} dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop} amavis unix - - - - 2 smtp -o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes -o smtp_bind_address= 127.0.0.1:10025 inet n - n - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_client_restrictions= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o smtpd_end_of_data_restrictions= -o mynetworks=127.0.0.0/8 -o strict_rfc821_envelopes=yes -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks -o smtp_send_xforward_command=yes -o disable_dns_lookups=yes 127.0.0.1:10027 inet n - n - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_client_restrictions= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o smtpd_end_of_data_restrictions= -o mynetworks=127.0.0.0/8 -o strict_rfc821_envelopes=yes -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks -o smtp_send_xforward_command=yes -o milter_default_action=accept -o milter_macro_daemon_name=ORIGINATING -o disable_dns_lookups=yes Where I'm wrong? Thank you
Where is it marked as spam? On your host? Somewhere else? What is reason for marking as spam? If mail gets to somewhere else, your mail server is working. I can not see how STARTTLS is in any way involved in server sending e-mail and getting marked as spam. Remove this line from /etc/hosts Code: 127.0.1.1 ape-design-host.apedesign.net ape-design-host I do not know. What is the problem you are solving? STARTTLS? Email marked as spam? Something else?
Yes, sending an email using smtp on port 25 works and the email (sent to an @gmail.com account) is delivered to the spam folder. Attempting to send the same email using STATTLS on port 587 produces the error: the server refuses to send email. As you can see from the telnet logs, the host is not recognized. So I think there is an incorrect configuration (but all my attempts do not produce a positive result). Also sending email using roundcube (on port 587) produce the error: "SMTP Error (250): Authentication failed" Removed it, the situation doesn't change. I'm trying to fix the inability to send emails using secure authentication with TLS. Thank you.
Mail.log is full of these logs (I : Code: Oct 14 10:22:38 ape-design-host dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: Connection reset by peer Oct 14 10:22:38 ape-design-host postfix/smtpd[586040]: connect from unknown[45.142.120.179] Oct 14 10:22:39 ape-design-host postfix/smtpd[585949]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: *** Oct 14 10:22:40 ape-design-host postfix/smtpd[585949]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4 Oct 14 10:22:41 ape-design-host dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: Connection reset by peer Oct 14 10:22:41 ape-design-host postfix/smtpd[586280]: connect from unknown[45.142.120.179] Oct 14 10:22:43 ape-design-host postfix/smtpd[585905]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: *** Oct 14 10:22:43 ape-design-host postfix/smtpd[585905]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4 Oct 14 10:22:44 ape-design-host dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: Connection reset by peer Oct 14 10:22:45 ape-design-host postfix/smtpd[586512]: connect from unknown[45.142.120.179] Oct 14 10:22:48 ape-design-host postfix/smtpd[585949]: connect from unknown[45.142.120.179] Oct 14 10:22:50 ape-design-host postfix/smtpd[585923]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: *** Oct 14 10:22:50 ape-design-host postfix/smtpd[585923]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4 Oct 14 10:22:51 ape-design-host postfix/smtpd[585905]: connect from unknown[45.142.120.179] Oct 14 10:22:53 ape-design-host postfix/smtpd[586040]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: *** Oct 14 10:22:53 ape-design-host postfix/smtpd[586040]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4 Oct 14 10:22:54 ape-design-host postfix/smtpd[585923]: connect from unknown[45.142.120.179] Oct 14 10:22:56 ape-design-host postfix/smtpd[586280]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: *** Oct 14 10:22:57 ape-design-host postfix/smtpd[586280]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4 Oct 14 10:22:57 ape-design-host postfix/smtpd[586040]: connect from unknown[45.142.120.179] Oct 14 10:23:00 ape-design-host postfix/smtpd[586512]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: *** Oct 14 10:23:00 ape-design-host postfix/smtpd[585949]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: Connection lost to authentication server Oct 14 10:23:00 ape-design-host postfix/smtpd[585949]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4 Oct 14 10:23:01 ape-design-host postfix/smtpd[586512]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4 Oct 14 10:23:01 ape-design-host postfix/smtpd[586280]: connect from unknown[45.142.120.179] Oct 14 10:23:04 ape-design-host postfix/smtpd[585949]: connect from unknown[45.142.120.179] Oct 14 10:23:04 ape-design-host postfix/smtpd[585905]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: Connection lost to authentication server Oct 14 10:23:04 ape-design-host postfix/smtpd[585905]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4 Oct 14 10:23:07 ape-design-host dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: Connection reset by peer Oct 14 10:23:07 ape-design-host postfix/smtpd[586512]: connect from unknown[45.142.120.179] Oct 14 10:23:07 ape-design-host postfix/smtpd[585923]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: Connection lost to authentication server Oct 14 10:23:07 ape-design-host postfix/smtpd[585923]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4 Oct 14 10:23:10 ape-design-host postfix/smtpd[585905]: connect from unknown[45.142.120.179] Oct 14 10:23:10 ape-design-host postfix/smtpd[586040]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: Connection lost to authentication server Oct 14 10:23:11 ape-design-host postfix/smtpd[586040]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4 Oct 14 10:23:11 ape-design-host postfix/submission/smtpd[586636]: connect from localhost.localdomain[127.0.0.1] Oct 14 10:23:11 ape-design-host postfix/submission/smtpd[586636]: disconnect from localhost.localdomain[127.0.0.1] ehlo=1 quit=1 commands=2 Oct 14 10:23:13 ape-design-host dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: Connection reset by peer Oct 14 10:23:14 ape-design-host postfix/smtpd[585923]: connect from unknown[45.142.120.179] Oct 14 10:23:14 ape-design-host postfix/smtpd[586280]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: Connection lost to authentication server Oct 14 10:23:14 ape-design-host postfix/smtpd[586280]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4 Oct 14 10:23:16 ape-design-host dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: Connection reset by peer
Looking better I found some more interesting logs: Code: Oct 14 11:26:34 ape-design-host postfix/submission/smtpd[589080]: warning: hostname ape-design-host.apedesign.net does not resolve to address 104.248.91.55 Oct 14 11:26:34 ape-design-host postfix/submission/smtpd[589080]: connect from unknown[104.248.91.55] Oct 14 11:22:57 ape-design-host postfix/submission/smtpd[588961]: SSL_accept error from unknown[104.248.91.55]: -1 Oct 14 11:22:57 ape-design-host postfix/submission/smtpd[588961]: warning: TLS library problem: error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../ssl/record/ssl> Oct 14 11:22:57 ape-design-host postfix/submission/smtpd[588961]: lost connection after STARTTLS from unknown[104.248.91.55] Oct 14 11:22:57 ape-design-host postfix/submission/smtpd[588961]: disconnect from unknown[104.248.91.55] ehlo=1 starttls=0/1 commands=1/2 So, if I'm not wrong.. there is a problem with the ssl version and so postfix kill the connection. Correct? What can I do? Thank you
Did you choose to get a Let's encrypt ssl cert during installation or did you create a self-signed SSL cert?
I was thinking about it and I remember that during installation I get an error with Lets' Encrypt and the installation automatically fallback to self signed procedure. I'm sure. Now I have tried to connect using openssl and during the handshake it say: Code: SSL handshake has read 2695 bytes and written 423 bytes Verification error: self signed certificate So what's the procedure to regenerate certificates using let's encrypt? Thank you
https://www.howtoforge.com/tutorial/securing-ispconfig-3-with-a-free-lets-encrypt-ssl-certificate/ https://www.howtoforge.com/community/threads/lets-encrypt-error-faq.74179/
Run: ispconfig_update.sh and choose nightly as update source and choose to recreate SSL cert for ISPConfig, when the updater asks. But before you do that, take a look in the letsencrypt.log file to find out why your last attempt to get a letsencrypt cert failed, see faq that @Taleman posted.
Ok I followed Taleman link and correctly configured certs, now accessing with browser IPSConfig admin page on port 8080 don't warn me more about the certificate. Also now from ssh running the command openssl s_client -starttls smtp -connect example.com:587 it correctly do the handshake. So, at now I sent correctly an email (with authentication) using openssh command but roundcube still doesn't work. I don't find any kind of log, only a toast message appear inside roundcube saying "SMTP error 250: Authentication error". This is my roundcube config file: Code: $config = array(); include_once("/etc/roundcube/debian-db-roundcube.php"); $config['default_host'] = 'localhost'; $config['smtp_server'] = 'localhost'; $config['smtp_port'] = 587; $config['smtp_user'] = '%u'; $config['smtp_pass'] = '%p'; $config['support_url'] = ''; $config['product_name'] = 'Roundcube Webmail'; $config['des_key'] = 'xxxxxx'; $config['plugins'] = array( ); $config['skin'] = 'elastic'; $config['enable_spellcheck'] = false; $config['debug_level'] = 1; $config['smtp_debug'] = true; (About the update script, I'm in a production environment. So is it secure to use source from nightly?) Thank you
Well, I have resolved.. "smtp_server" need to be set with "tls://nameserver.example.com". I have one last doubt: as you can see in mail.log there are a lot of connection from an IP that I don't recognize 45.142.120.179 What is happening? Someone is trying to access my mail server?
Perhaps someone is trying to send an e-mail to your mail server? What exactly was in mail.log? The sending e-mail server must connect to your e-mail server when messages are to be sent.
This is a part of the last logs, it repeats infinitely and doesn't stop. Code: Oct 14 14:47:44 ape-design-host postfix/smtpd[601016]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 14 14:47:44 ape-design-host postfix/smtpd[601016]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4 Oct 14 14:47:46 ape-design-host postfix/smtpd[601016]: connect from unknown[45.142.120.179] Oct 14 14:47:48 ape-design-host postfix/smtpd[601475]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 14 14:47:49 ape-design-host postfix/smtpd[601475]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4 Oct 14 14:47:49 ape-design-host postfix/smtpd[601010]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: Connection lost to authentication server Oct 14 14:47:49 ape-design-host postfix/smtpd[601475]: connect from unknown[45.142.120.179] Oct 14 14:47:50 ape-design-host postfix/smtpd[601010]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4 Oct 14 14:47:50 ape-design-host dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: EOF Oct 14 14:47:52 ape-design-host postfix/smtpd[601196]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: Connection lost to authentication server Oct 14 14:47:52 ape-design-host postfix/smtpd[601196]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4 Oct 14 14:47:52 ape-design-host postfix/smtpd[601196]: connect from unknown[45.142.120.179] Oct 14 14:47:55 ape-design-host postfix/smtpd[602175]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: Connection lost to authentication server Oct 14 14:47:55 ape-design-host dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: EOF Oct 14 14:47:55 ape-design-host postfix/smtpd[602175]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4 Oct 14 14:47:56 ape-design-host postfix/smtpd[602175]: connect from unknown[45.142.120.179] Oct 14 14:47:59 ape-design-host dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: EOF Oct 14 14:47:59 ape-design-host postfix/smtpd[602177]: connect from unknown[45.142.120.179] Oct 14 14:47:59 ape-design-host postfix/smtpd[601016]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: Connection lost to authentication server Oct 14 14:48:00 ape-design-host postfix/smtpd[601016]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4 Oct 14 14:48:02 ape-design-host postfix/smtpd[601475]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: Connection lost to authentication server Oct 14 14:48:02 ape-design-host postfix/smtpd[601016]: connect from unknown[45.142.120.179] Oct 14 14:48:03 ape-design-host postfix/smtpd[601475]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4 Oct 14 14:48:05 ape-design-host postfix/smtpd[601196]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: Connection lost to authentication server Oct 14 14:48:05 ape-design-host dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: Connection reset by peer Oct 14 14:48:05 ape-design-host postfix/smtpd[601475]: connect from unknown[45.142.120.179] Oct 14 14:48:06 ape-design-host postfix/smtpd[602177]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 14 14:48:06 ape-design-host postfix/smtpd[602177]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4 Oct 14 14:48:06 ape-design-host postfix/smtpd[601196]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4 Oct 14 14:48:08 ape-design-host dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: Connection reset by peer Oct 14 14:48:09 ape-design-host postfix/smtpd[602175]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: Connection lost to authentication server Oct 14 14:48:09 ape-design-host postfix/smtpd[602177]: connect from unknown[45.142.120.179] Oct 14 14:48:10 ape-design-host postfix/smtpd[602175]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4 Oct 14 14:48:11 ape-design-host postfix/smtpd[601016]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 14 14:48:12 ape-design-host postfix/smtpd[601016]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4 Oct 14 14:48:12 ape-design-host postfix/smtpd[601196]: connect from unknown[45.142.120.179] Oct 14 14:48:15 ape-design-host dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: Connection reset by peer Oct 14 14:48:15 ape-design-host postfix/smtpd[602175]: connect from unknown[45.142.120.179] Oct 14 14:48:16 ape-design-host postfix/smtpd[601475]: warning: unknown[45.142.120.179]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 14 14:48:16 ape-design-host postfix/smtpd[601475]: disconnect from unknown[45.142.120.179] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4 Oct 14 14:48:18 ape-design-host dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: Connection reset by peer Oct 14 14:48:19 ape-design-host postfix/smtpd[601016]: connect from unknown[45.142.120.179] Can I ban this IP or block in other ways? mail.log grows unnecessarily.
Install fail2ban and enable postfix, sasl and recidive jails (in addition to ssh jail). Install logrotate and check it is activated for mail.log. That keeps it from growing too huge.
