1
Recently I noticed several attempts to login to the mail server with non-existent users, looking at the postfix log there are several lines similar to this:
Nov 5 13:03:04 servename imapd: LOGIN FAILED, [email protected], ip=[::ffff:127.0.0.1]
I wanted to know how to debug this to find the possible cause and solve the problem, any information is useful.
This question is outside the site scope.
– Bacco
Hi Jose, there is no debugging this. This will continue to happen. Unfortunately this is the day to day of a server and who maintains the server. That’s why it’s important to have firewalls, closed doors and updates up to date.
– Sergio
You must have a Brute force lock system like CSF or fail2ban
– Felipe Gabriel