postfix- are these connects in the log anything to worry about?

Lock asked:

I am noticing the following in my maillog.

Lots of these:

Sep 10 10:29:56 westc01-01-01 postfix/smtpd[26788]: connect from unknown[85.111.7.182]

And these:

Sep 10 10:34:58 westc01-01-01 postfix/smtpd[26768]: disconnect from unknown[85.111.7.182]
Sep 10 10:34:58 westc01-01-01 postfix/smtpd[26758]: timeout after AUTH from unknown[85.111.7.182]

And these:

Sep 10 10:29:56 westc01-01-01 postfix/smtpd[26737]: warning: unknown[85.111.7.182]: SASL LOGIN authentication failed: UGFzc3dvcmQ6

Are these anything to worry about?

My answer:


Looks like just another random connection attempt from part of a botnet. Assuming your mail server is properly secured, you can ignore it. Of course, this is a good time to check and ensure that your mail server is properly secured.


View the full question and any other answers on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.