postfix- are these connects in the log anything to worry about?

on

Lock asked:

I am noticing the following in my maillog.

Lots of these:

Sep 10 10:29:56 westc01-01-01 postfix/smtpd[26788]: connect from unknown[85.111.7.182]

And these:

Sep 10 10:34:58 westc01-01-01 postfix/smtpd[26768]: disconnect from unknown[85.111.7.182]
Sep 10 10:34:58 westc01-01-01 postfix/smtpd[26758]: timeout after AUTH from unknown[85.111.7.182]

And these:

Sep 10 10:29:56 westc01-01-01 postfix/smtpd[26737]: warning: unknown[85.111.7.182]: SASL LOGIN authentication failed: UGFzc3dvcmQ6

Are these anything to worry about?

My answer:

Looks like just another random connection attempt from part of a botnet. Assuming your mail server is properly secured, you can ignore it. Of course, this is a good time to check and ensure that your mail server is properly secured.

View the full question and any other answers on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.

Related Post

Bash: mv directory one at a time

Unable to connect to google VM

How to set a default page within hotspot MikroTik to be open automatically after wifi connect

Is this server hacked or just login attempts ? See log

Reverse HTTP proxy as CDN origin server, how to handle last modified since?

How to get expiry date for yum repo signing keys