Getting alot of messages in syslog SASL Auth Postfix
Dec 31 13:05:38 serviidb postfix/smtpd[17618]: connect from unknown[50.34.240.12]
Dec 31 13:05:39 serviidb postfix/smtpd[17618]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
Dec 31 13:05:39 serviidb postfix/smtpd[17618]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
Dec 31 13:05:39 serviidb postfix/smtpd[17618]: warning: unknown[50.34.240.12]: SASL LOGIN authentication failed: authentication failure
Dec 31 13:05:39 serviidb postfix/smtpd[17618]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
Dec 31 13:05:39 serviidb postfix/smtpd[17618]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
Dec 31 13:05:39 serviidb postfix/smtpd[17618]: warning: unknown[50.34.240.12]: SASL LOGIN authentication failed: authentication failure
Dec 31 13:05:39 serviidb postfix/smtpd[17618]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
Dec 31 13:05:39 serviidb postfix/smtpd[17618]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
Dec 31 13:05:39 serviidb postfix/smtpd[17618]: warning: unknown[50.34.240.12]: SASL LOGIN authentication failed: authentication failure
Dec 31 13:05:39 serviidb postfix/smtpd[17618]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
Dec 31 13:05:39 serviidb postfix/smtpd[17618]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
Dec 31 13:05:39 serviidb postfix/smtpd[17618]: warning: unknown[50.34.240.12]: SASL LOGIN authentication failed: authentication failure
Dec 31 13:05:39 serviidb postfix/smtpd[17618]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
Dec 31 13:05:39 serviidb postfix/smtpd[17618]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
Dec 31 13:05:39 serviidb postfix/smtpd[17618]: warning: unknown[50.34.240.12]: SASL LOGIN authentication failed: authentication failure
I found a post that mentioned fail2ban as a possible solution to this? Has anyone used fail2ban? I mainly running a Drupal 7 site so will fail2ban affect it?
2 Replies
failregex = (?i): warning: [-._\w]+\[<host>\]: SASL (?:LOGIN|PLAIN|(?:CRAM|DIGEST)-MD5) authentication failed(: [ A-Za-z0-9+/]*={0,2})?\s*$</host>
Thanks for the help.