SYSTEM INFORMATION | |
---|---|
OS type and version | Ubuntu 22.04 |
Webmin version | The most recent |
Virtualmin version | The most recent |
Related packages | SUGGESTED |
Hey team
I had to disable email to one of my servers because it was being used to spam the world. I went through this forum and read the suggested guides on proper etiquette for having a mail server. I ensured SASL is required, I configured grey listing… Is there something else I can do or that I’m missing?
I have attached a small snippet of my most recent mail.log -
Jan 21 22:20:25 domainname postfix/smtpd[2344]: disconnect from unknown[80.94.95.170] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
Jan 21 22:20:30 domainname postfix/smtpd[2316]: connect from unknown[80.94.95.170]
Jan 21 22:20:36 domainname postfix/smtpd[2316]: warning: unknown[80.94.95.170]: SASL LOGIN authentication failed: authentication failure
Jan 21 22:20:37 domainname postfix/smtpd[2316]: disconnect from unknown[80.94.95.170] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
Jan 21 22:20:40 domainname postfix/smtpd[2184]: connect from unknown[103.187.83.131]
Jan 21 22:20:43 domainname postfix/smtpd[2184]: warning: SASL authentication failure: Password verification failed
…
Jan 21 22:25:22 domainname postfix/smtpd[2184]: NOQUEUE: reject: RCPT from mail-am0eur02hn2228.outbound.protection.outlook.com[52.100.202.228]: 454 4.7.1 spam@hostname.ca: Relay access denied; from=<> to=spam@hostname.ca proto=ESMTP helo=<EUR02-AM0-obe.outbound.protection.outlook.com>
Jan 21 22:25:22 domainname postfix/smtpd[2184]: disconnect from mail-am0eur02hn2228.outbound.protection.outlook.com[52.100.202.228] ehlo=2 starttls=1 mail=1 rcpt=0/1 quit=1 commands=5/6
Jan 21 22:25:22 domainname dovecot: imap-login: Disconnected: Inactivity (auth failed, 1 attempts in 179 secs): user=michael@hostname.farm, method=PLAIN, rip=2605:b100:b28:a76f:e4bf:61d6:ca23:b2c8, lip=2607:5300:60:8289::1, TLS, session=<vRu3FH8PqoEmBbEACyinb+S/YdbKI7LI>
Jan 21 22:25:24 domainname postfix/smtpd[2316]: connect from mail-vi1eur05olkn20801.outbound.protection.outlook.com[2a01:111:f403:2e13::801]
Jan 21 22:25:25 domainname postfix/smtpd[2316]: NOQUEUE: reject: RCPT from mail-vi1eur05olkn20801.outbound.protection.outlook.com[2a01:111:f403:2e13::801]: 454 4.7.1 spam@hostname.ca: Relay access denied; from=<> to=spam@hostname.ca proto=ESMTP helo=<EUR05-VI1-obe.outbound.protection.outlook.com>