postfix- are these connects in the log anything to worry about?

on

Lock asked:

I am noticing the following in my maillog.

Lots of these:

Sep 10 10:29:56 westc01-01-01 postfix/smtpd[26788]: connect from unknown[85.111.7.182]

And these:

Sep 10 10:34:58 westc01-01-01 postfix/smtpd[26768]: disconnect from unknown[85.111.7.182]
Sep 10 10:34:58 westc01-01-01 postfix/smtpd[26758]: timeout after AUTH from unknown[85.111.7.182]

And these:

Sep 10 10:29:56 westc01-01-01 postfix/smtpd[26737]: warning: unknown[85.111.7.182]: SASL LOGIN authentication failed: UGFzc3dvcmQ6

Are these anything to worry about?

My answer:

Looks like just another random connection attempt from part of a botnet. Assuming your mail server is properly secured, you can ignore it. Of course, this is a good time to check and ensure that your mail server is properly secured.

View the full question and any other answers on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.

Related Post

how to use a disk with high reallocated sector count?

Firewall rule to only allow Postfix to send email through SMTP on port 25

Properly setting up a "default" nginx server for https

vsftpd: users can delete other users files

Open Windows Server 2012/Windows 8 Start Menu

Modifying libvirt firewall rules between virtual networks