auth.log spam with saslauth entry

Hi all,

I have Virtualmin version 4.15.gpl.
All is working like a charm!
Except my auth.log, which is spammed with this:

saslauthd[]: do_auth : auth failure: [service=smtp] [realm=postfix] [mech=rimap] [reason=remote server rejected your credentials]

Can you explain to me how I can fix it, please?

Howdy,

You may want to review your /var/log/mail.log file to see if someone is perhaps repeatedly trying to log into Postfix but failing. If that’s the case, you would see the IP address in that file.

If it’s a legitimate user, you could help them correct it. And if it’s not, you could ban that IP address.

-Eric

Do you have any warning or error lines in maillog with the same time as this error in auth.log?

EDIT: This is what happens when I wait too long to press “save”. Bummer. :)

I noticed that I had an enormous number of these in /var/log/mail.log:
I have a new jail [postfix-sasl] in fail2ban:

warning: unknown[85.185.194.187] SASL LOGIN authentication failed: authentication failure
May 12 08:28:20 nameserver postfix/smtpd[20594]: disconnect from unknown[85.185.194.187]
May 12 08:28:20 nameserver postfix/smtpd[20634]: warning: unknown[85.26.165.157] SASL LOGIN authentication failed: authentication failure

And

iptables -L fail2ban-postfix-sasl | wc -l

302

And I imagine it’s normal …

Thanks Eric,

You are on the right track!
I have many of these:
warning: SASL authentication failure: Password verification failed
May 12 08:18:46 Servername postfix/smtpd[18718]: warning: unknown[154.121.251.42] SASL PLAIN authentication failed: authentication failure
May 12 08:18:49 Servername postfix/smtpd[18718]: warning: unknown[154.121.251.42] SASL LOGIN authentication failed: authentication failure

I already have a jail in fail2ban, which has done a good job!
$ iptables -L fail2ban-postfix-sasl | wc -l
302
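
Added example (not part of the original thread, and not Virtualmin, Postfix or fail2ban code): a tally of failed SASL logins per client IP from mail.log lines in the format quoted above, which is the review of /var/log/mail.log suggested earlier in the thread. The log sample, host name, documentation-range addresses and the threshold of 3 are constructed for the example.

```python
import re
import sys
from collections import defaultdict

# Constructed sample in the mail.log format quoted in the thread; the host name
# and the RFC 5737 documentation addresses are made up for this example.
SAMPLE_LOG = """\
May 12 08:18:46 mailhost postfix/smtpd[18718]: warning: unknown[192.0.2.10] SASL PLAIN authentication failed: authentication failure
May 12 08:18:49 mailhost postfix/smtpd[18718]: warning: unknown[192.0.2.10] SASL LOGIN authentication failed: authentication failure
May 12 08:18:50 mailhost postfix/smtpd[18718]: disconnect from unknown[192.0.2.10]
May 12 08:19:02 mailhost postfix/smtpd[18730]: warning: unknown[192.0.2.10] SASL LOGIN authentication failed: authentication failure
May 12 08:20:11 mailhost postfix/smtpd[18741]: warning: mail.example.org[198.51.100.7] SASL LOGIN authentication failed: authentication failure
May 12 08:21:30 mailhost postfix/smtpd[18750]: connect from unknown[203.0.113.5]
"""

# Matches: "... warning: <client-name>[<ip>] SASL <mech> authentication failed ..."
FAILED = re.compile(
    r"postfix/smtpd\[\d+\]: warning: \S+\[(?P<ip>[0-9A-Fa-f.:]+)\] "
    r"SASL (?P<mech>\S+) authentication failed"
)

def sasl_failures(lines):
    """Return {ip: {"count": n, "mechs": {...}}} for failed SASL logins."""
    stats = defaultdict(lambda: {"count": 0, "mechs": set()})
    for line in lines:
        m = FAILED.search(line)
        if m:  # connect/disconnect and all other smtpd lines are skipped
            entry = stats[m.group("ip")]
            entry["count"] += 1
            entry["mechs"].add(m.group("mech"))
    return dict(stats)

def repeat_offenders(stats, threshold=3):
    """IPs with at least `threshold` failures (assumed value), busiest first."""
    hits = [(ip, s["count"]) for ip, s in stats.items() if s["count"] >= threshold]
    return sorted(hits, key=lambda item: (-item[1], item[0]))

if __name__ == "__main__":
    # With a path argument read that file, otherwise use the constructed sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1], errors="replace") as fh:
            lines = fh.readlines()
    else:
        lines = SAMPLE_LOG.splitlines()
    stats = sasl_failures(lines)
    for ip, count in repeat_offenders(stats):
        print(f"{count:6d}  {ip}  {','.join(sorted(stats[ip]['mechs']))}")
```

Addresses that show up here with a high count but are not yet in the fail2ban-postfix-sasl chain are the ones to check against the jail's filter, and a known customer address in the list points to a misconfigured mail client rather than an attack.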