SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
i'm a normal user and i dont know much about security, so i need ur help cuz i see strange logs when i read "logwatch" mail, it's a long but i hope u have sometime to check it and tell me what i do, thx
here are some of dovecot messsages:
Code:
--------------------- Dovecot Begin ------------------------
**Unmatched Entries**
dovecot: auth(default): auth(?,207.150.178.12): Invalid username: admin:12345: 2 Time(s)
dovecot: auth(default): auth(?,207.150.178.12): Invalid username: admin:admin: 2 Time(s)
dovecot: auth(default): auth(?,207.150.178.12): Invalid username: admin:admin1: 2 Time(s)
dovecot: auth(default): auth(?,207.150.178.12): Invalid username: admin:admin12: 2 Time(s)
dovecot: auth(default): auth(?,207.150.178.12): Invalid username: admin:admin123: 2 Time(s)
dovecot: auth(default): auth(?,207.150.178.12): Invalid username: smtp:account: 2 Time(s)
dovecot: auth(default): auth(?,207.150.178.12): Invalid username: smtp:admin: 2 Time(s)
dovecot: auth(default): auth(?,207.150.178.12): Invalid username: smtp:shop: 2 Time(s)
dovecot: auth(default): auth(?,207.150.178.12): Invalid username: smtp:smtp: 2 Time(s)
dovecot: auth(default): auth(?,207.150.178.12): Invalid username: smtp:test: 2 Time(s)
dovecot: auth(default): auth(?,207.150.178.12): Invalid username: support:support: 2 Time(s)
dovecot: auth(default): auth(?,207.150.178.12): Invalid username: test:test: 2 Time(s)
dovecot: auth(default): auth(?,207.150.178.12): Invalid username: webmaster:webmaster: 2 Time(s)
dovecot: auth(default): client in: AUTH 1 LOGIN service=smtp: 4 Time(s)
dovecot: auth(default): client in: AUTH 1 PLAIN service=pop3 lip=184.107.223.30 rip=207.150.178.12 lport=110 rport=32817 resp=<hidden>: 1 Time(s)
dovecot: auth(default): client in: AUTH 1 PLAIN service=pop3 lip=184.107.223.30 rip=207.150.178.12 lport=110 rport=32911 resp=<hidden>: 1 Time(s)
...
...
dovecot: auth(default): client in: AUTH 1 PLAIN service=pop3 lip=184.107.223.30 rip=207.150.178.12 lport=110 rport=60734 resp=<hidden>: 1 Time(s)
dovecot: auth(default): client in: AUTH 1 PLAIN service=pop3 lip=184.107.223.30 rip=207.150.178.12 lport=110 rport=60826 resp=<hidden>: 1 Time(s)
dovecot: auth(default): client in: AUTH 1 PLAIN service=pop3 lip=184.107.223.30 rip=207.150.178.12 lport=110 rport=60896 resp=<hidden>: 1 Time(s)
dovecot: auth(default): client in: AUTH 1 PLAIN service=pop3 lip=184.107.223.30 rip=207.150.178.12 lport=110 rport=60973 resp=<hidden>: 1 Time(s)
dovecot: auth(default): client in: AUTH 2 LOGIN service=smtp: 3 Time(s)
dovecot: auth(default): client in: AUTH 3 LOGIN service=smtp: 3 Time(s)
dovecot: auth(default): client in: AUTH 4 LOGIN service=smtp: 1 Time(s)
dovecot: auth(default): client in: AUTH 5 LOGIN service=smtp: 1 Time(s)
dovecot: auth(default): client in: CONT<hidden>: 24 Time(s)
dovecot: auth(default): client out: CONT 1 UGFzc3dvcmQ6: 4 Time(s)
dovecot: auth(default): client out: CONT 1 VXNlcm5hbWU6: 4 Time(s)
dovecot: auth(default): client out: CONT 2 UGFzc3dvcmQ6: 3 Time(s)
dovecot: auth(default): client out: CONT 2 VXNlcm5hbWU6: 3 Time(s)
dovecot: auth(default): client out: CONT 3 UGFzc3dvcmQ6: 3 Time(s)
dovecot: auth(default): client out: CONT 3 VXNlcm5hbWU6: 3 Time(s)
dovecot: auth(default): client out: CONT 4 UGFzc3dvcmQ6: 1 Time(s)
dovecot: auth(default): client out: CONT 4 VXNlcm5hbWU6: 1 Time(s)
dovecot: auth(default): client out: CONT 5 UGFzc3dvcmQ6: 1 Time(s)
dovecot: auth(default): client out: CONT 5 VXNlcm5hbWU6: 1 Time(s)
dovecot: auth(default): client out: FAIL 1: 9 Time(s)
dovecot: auth(default): client out: FAIL 1 user=account: 8 Time(s)
dovecot: auth(default): client out: FAIL 1 user=admin: 32 Time(s)
dovecot: auth(default): client out: FAIL 1 user=bill: 4 Time(s)
dovecot: auth(default): client out: FAIL 1 user=cat: 4 Time(s)
dovecot: auth(default): client out: FAIL 1 user=comercial: 4 Time(s)
dovecot: auth(default): client out: FAIL 1 user=contact: 4 Time(s)
dovecot: auth(default): client out: FAIL 1 user=dummy: 2 Time(s)
dovecot: auth(default): client out: FAIL 1 user=fax: 4 Time(s)
dovecot: auth(default): client out: FAIL 1 user=fedora: 2 Time(s)
dovecot: auth(default): client out: FAIL 1 user=guest: 8 Time(s)
dovecot: auth(default): client out: FAIL 1 user=info: 38 Time(s)
dovecot: auth(default): client out: FAIL 1 user=library: 4 Time(s)
dovecot: auth(default): client out: FAIL 1 user=mail: 2 Time(s)
dovecot: auth(default): client out: FAIL 1 user=monitor: 4 Time(s)
dovecot: auth(default): client out: FAIL 1 user=newsletter: 4 Time(s)
dovecot: auth(default): client out: FAIL 1 user=office: 4 Time(s)
dovecot: auth(default): client out: FAIL 1 user=oracle: 6 Time(s)
dovecot: auth(default): client out: FAIL 1 user=postmaster: 8 Time(s)
dovecot: auth(default): client out: FAIL 1 user=root: 2 Time(s)
dovecot: auth(default): client out: FAIL 1 user=sales: 12 Time(s)
dovecot: auth(default): client out: FAIL 1 user=scan: 2 Time(s)
dovecot: auth(default): client out: FAIL 1 user=server: 4 Time(s)
dovecot: auth(default): client out: FAIL 1 user=service: 6 Time(s)
dovecot: auth(default): client out: FAIL 1 user=shop: 6 Time(s)
dovecot: auth(default): client out: FAIL 1 user=smtp: 42 Time(s)
dovecot: auth(default): client out: FAIL 1 user=spam: 18 Time(s)
dovecot: auth(default): client out: FAIL 1 user=squid: 4 Time(s)
dovecot: auth(default): client out: FAIL 1 user=support: 18 Time(s)
dovecot: auth(default): client out: FAIL 1 user=temp: 2 Time(s)
dovecot: auth(default): client out: FAIL 1 user=test: 40 Time(s)
dovecot: auth(default): client out: FAIL 1 user=test1: 4 Time(s)
dovecot: auth(default): client out: FAIL 1 user=user: 4 Time(s)
dovecot: auth(default): client out: FAIL 1 user=visitor: 2 Time(s)
dovecot: auth(default): client out: FAIL 1 user=webmaster: 2 Time(s)
dovecot: auth(default): client out: FAIL 2 user=admin: 3 Time(s)
dovecot: auth(default): client out: FAIL 3 user=admin: 3 Time(s)
dovecot: auth(default): client out: FAIL 4 user=admin: 1 Time(s)
dovecot: auth(default): client out: FAIL 5 user=admin: 1 Time(s)
...
...
dovecot: auth(default): new auth connection: pid=6413: 1 Time(s)
dovecot: auth(default): new auth connection: pid=6414: 1 Time(s)
dovecot: auth(default): new auth connection: pid=6415: 1 Time(s)
dovecot: auth(default): new auth connection: pid=6416: 1 Time(s)
dovecot: auth(default): new auth connection: pid=6417: 1 Time(s)
dovecot: auth(default): new auth connection: pid=6418: 1 Time(s)
dovecot: auth(default): new auth connection: pid=6419: 1 Time(s)
dovecot: auth(default): plain(?,207.150.178.12): Empty username: 2 Time(s)
dovecot: auth(default): plain(?,207.150.178.12): Username contains disallowed character: 0x3a: 26 Time(s)
dovecot: auth-worker(default): mysql: Connected to localhost (mail): 2 Time(s)
dovecot: auth-worker(default): sql(account,207.150.178.12): query: SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = 'account' AND active='1': 8 Time(s)
dovecot: auth-worker(default): sql(account,207.150.178.12): unknown user: 8 Time(s)
dovecot: auth-worker(default): sql(admin): query: SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = 'admin' AND active='1': 12 Time(s)
dovecot: auth-worker(default): sql(admin): unknown user: 12 Time(s)
dovecot: auth-worker(default): sql(admin,207.150.178.12): query: SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = 'admin' AND active='1': 28 Time(s)
dovecot: auth-worker(default): sql(admin,207.150.178.12): unknown user: 28 Time(s)
dovecot: auth-worker(default): sql(bill,207.150.178.12): query: SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = 'bill' AND active='1': 4 Time(s)
dovecot: auth-worker(default): sql(bill,207.150.178.12): unknown user: 4 Time(s)
dovecot: auth-worker(default): sql(cat,207.150.178.12): query: SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = 'cat' AND active='1': 4 Time(s)
dovecot: auth-worker(default): sql(cat,207.150.178.12): unknown user: 4 Time(s)
dovecot: auth-worker(default): sql(comercial,207.150.178.12): query: SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = 'comercial' AND active='1': 4 Time(s)
dovecot: auth-worker(default): sql(comercial,207.150.178.12): unknown user: 4 Time(s)
dovecot: auth-worker(default): sql(contact,207.150.178.12): query: SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = 'contact' AND active='1': 4 Time(s)
dovecot: auth-worker(default): sql(contact,207.150.178.12): unknown user: 4 Time(s)
dovecot: auth-worker(default): sql(dummy,207.150.178.12): query: SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = 'dummy' AND active='1': 2 Time(s)
dovecot: auth-worker(default): sql(dummy,207.150.178.12): unknown user: 2 Time(s)
dovecot: auth-worker(default): sql(fax,207.150.178.12): query: SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = 'fax' AND active='1': 4 Time(s)
dovecot: auth-worker(default): sql(fax,207.150.178.12): unknown user: 4 Time(s)
dovecot: auth-worker(default): sql(fedora,207.150.178.12): query: SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = 'fedora' AND active='1': 2 Time(s)
dovecot: auth-worker(default): sql(fedora,207.150.178.12): unknown user: 2 Time(s)
dovecot: auth-worker(default): sql(guest,207.150.178.12): query: SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = 'guest' AND active='1': 8 Time(s)
dovecot: auth-worker(default): sql(guest,207.150.178.12): unknown user: 8 Time(s)
dovecot: auth-worker(default): sql(info,207.150.178.12): query: SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = 'info' AND active='1': 38 Time(s)
dovecot: auth-worker(default): sql(info,207.150.178.12): unknown user: 38 Time(s)
dovecot: auth-worker(default): sql(library,207.150.178.12): query: SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = 'library' AND active='1': 4 Time(s)
dovecot: auth-worker(default): sql(library,207.150.178.12): unknown user: 4 Time(s)
dovecot: auth-worker(default): sql(mail,207.150.178.12): query: SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = 'mail' AND active='1': 2 Time(s)
dovecot: auth-worker(default): sql(mail,207.150.178.12): unknown user: 2 Time(s)
dovecot: auth-worker(default): sql(monitor,207.150.178.12): query: SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = 'monitor' AND active='1': 4 Time(s)
dovecot: auth-worker(default): sql(monitor,207.150.178.12): unknown user: 4 Time(s)
dovecot: auth-worker(default): sql(newsletter,207.150.178.12): query: SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = 'newsletter' AND active='1': 4 Time(s)
dovecot: auth-worker(default): sql(newsletter,207.150.178.12): unknown user: 4 Time(s)
dovecot: auth-worker(default): sql(office,207.150.178.12): query: SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = 'office' AND active='1': 4 Time(s)
dovecot: auth-worker(default): sql(office,207.150.178.12): unknown user: 4 Time(s)
dovecot: auth-worker(default): sql(oracle,207.150.178.12): query: SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = 'oracle' AND active='1': 6 Time(s)
dovecot: auth-worker(default): sql(oracle,207.150.178.12): unknown user: 6 Time(s)
dovecot: auth-worker(default): sql(postmaster,207.150.178.12): query: SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = 'postmaster' AND active='1': 8 Time(s)
dovecot: auth-worker(default): sql(postmaster,207.150.178.12): unknown user: 8 Time(s)
dovecot: auth-worker(default): sql(root,207.150.178.12): query: SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = 'root' AND active='1': 2 Time(s)
dovecot: auth-worker(default): sql(root,207.150.178.12): unknown user: 2 Time(s)
dovecot: auth-worker(default): sql(sales,207.150.178.12): query: SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = 'sales' AND active='1': 12 Time(s)
dovecot: auth-worker(default): sql(sales,207.150.178.12): unknown user: 12 Time(s)
dovecot: auth-worker(default): sql(scan,207.150.178.12): query: SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = 'scan' AND active='1': 2 Time(s)
dovecot: auth-worker(default): sql(scan,207.150.178.12): unknown user: 2 Time(s)
dovecot: auth-worker(default): sql(server,207.150.178.12): query: SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = 'server' AND active='1': 4 Time(s)
dovecot: auth-worker(default): sql(server,207.150.178.12): unknown user: 4 Time(s)
dovecot: auth-worker(default): sql(service,207.150.178.12): query: SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = 'service' AND active='1': 6 Time(s)
dovecot: auth-worker(default): sql(service,207.150.178.12): unknown user: 6 Time(s)
dovecot: auth-worker(default): sql(shop,207.150.178.12): query: SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = 'shop' AND active='1': 6 Time(s)
dovecot: auth-worker(default): sql(shop,207.150.178.12): unknown user: 6 Time(s)
dovecot: auth-worker(default): sql(smtp,207.150.178.12): query: SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = 'smtp' AND active='1': 42 Time(s)
dovecot: auth-worker(default): sql(smtp,207.150.178.12): unknown user: 42 Time(s)
dovecot: auth-worker(default): sql(spam,207.150.178.12): query: SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = 'spam' AND active='1': 18 Time(s)
dovecot: auth-worker(default): sql(spam,207.150.178.12): unknown user: 18 Time(s)
dovecot: auth-worker(default): sql(squid,207.150.178.12): query: SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = 'squid' AND active='1': 4 Time(s)
dovecot: auth-worker(default): sql(squid,207.150.178.12): unknown user: 4 Time(s)
dovecot: auth-worker(default): sql(support,207.150.178.12): query: SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = 'support' AND active='1': 18 Time(s)
dovecot: auth-worker(default): sql(support,207.150.178.12): unknown user: 18 Time(s)
dovecot: auth-worker(default): sql(temp,207.150.178.12): query: SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = 'temp' AND active='1': 2 Time(s)
dovecot: auth-worker(default): sql(temp,207.150.178.12): unknown user: 2 Time(s)
dovecot: auth-worker(default): sql(test,207.150.178.12): query: SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = 'test' AND active='1': 40 Time(s)
dovecot: auth-worker(default): sql(test,207.150.178.12): unknown user: 40 Time(s)
dovecot: auth-worker(default): sql(test1,207.150.178.12): query: SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = 'test1' AND active='1': 4 Time(s)
dovecot: auth-worker(default): sql(test1,207.150.178.12): unknown user: 4 Time(s)
dovecot: auth-worker(default): sql(user,207.150.178.12): query: SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = 'user' AND active='1': 4 Time(s)
dovecot: auth-worker(default): sql(user,207.150.178.12): unknown user: 4 Time(s)
dovecot: auth-worker(default): sql(visitor,207.150.178.12): query: SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = 'visitor' AND active='1': 2 Time(s)
dovecot: auth-worker(default): sql(visitor,207.150.178.12): unknown user: 2 Time(s)
dovecot: auth-worker(default): sql(webmaster,207.150.178.12): query: SELECT username AS user, password, CONCAT('/var/mail/vhosts/', maildir) AS userdb_home, 5000 AS userdb_uid, 5000 AS userdb_gid, CONCAT('*:bytes=', quota) as userdb_quota_rule FROM mailbox WHERE username = 'webmaster' AND active='1': 2 Time(s)
dovecot: auth-worker(default): sql(webmaster,207.150.178.12): unknown user: 2 Time(s)
dovecot: dict: mysql: Connected to localhost (mail): 1 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): method=PLAIN, rip=207.150.178.12, lip=184.107.223.30: 9 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<account>, method=PLAIN, rip=207.150.178.12, lip=184.107.223.30: 8 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<admin>, method=PLAIN, rip=207.150.178.12, lip=184.107.223.30: 28 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<bill>, method=PLAIN, rip=207.150.178.12, lip=184.107.223.30: 4 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<cat>, method=PLAIN, rip=207.150.178.12, lip=184.107.223.30: 4 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<comercial>, method=PLAIN, rip=207.150.178.12, lip=184.107.223.30: 4 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<contact>, method=PLAIN, rip=207.150.178.12, lip=184.107.223.30: 4 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<dummy>, method=PLAIN, rip=207.150.178.12, lip=184.107.223.30: 2 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<fax>, method=PLAIN, rip=207.150.178.12, lip=184.107.223.30: 4 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<fedora>, method=PLAIN, rip=207.150.178.12, lip=184.107.223.30: 2 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<guest>, method=PLAIN, rip=207.150.178.12, lip=184.107.223.30: 8 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<info>, method=PLAIN, rip=207.150.178.12, lip=184.107.223.30: 38 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<library>, method=PLAIN, rip=207.150.178.12, lip=184.107.223.30: 4 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<mail>, method=PLAIN, rip=207.150.178.12, lip=184.107.223.30: 2 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<monitor>, method=PLAIN, rip=207.150.178.12, lip=184.107.223.30: 4 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<newsletter>, method=PLAIN, rip=207.150.178.12, lip=184.107.223.30: 4 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<office>, method=PLAIN, rip=207.150.178.12, lip=184.107.223.30: 4 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<oracle>, method=PLAIN, rip=207.150.178.12, lip=184.107.223.30: 6 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<postmaster>, method=PLAIN, rip=207.150.178.12, lip=184.107.223.30: 8 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<root>, method=PLAIN, rip=207.150.178.12, lip=184.107.223.30: 2 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<sales>, method=PLAIN, rip=207.150.178.12, lip=184.107.223.30: 12 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<scan>, method=PLAIN, rip=207.150.178.12, lip=184.107.223.30: 2 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<server>, method=PLAIN, rip=207.150.178.12, lip=184.107.223.30: 4 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<service>, method=PLAIN, rip=207.150.178.12, lip=184.107.223.30: 6 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<shop>, method=PLAIN, rip=207.150.178.12, lip=184.107.223.30: 6 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<smtp>, method=PLAIN, rip=207.150.178.12, lip=184.107.223.30: 42 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<spam>, method=PLAIN, rip=207.150.178.12, lip=184.107.223.30: 18 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<squid>, method=PLAIN, rip=207.150.178.12, lip=184.107.223.30: 4 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<support>, method=PLAIN, rip=207.150.178.12, lip=184.107.223.30: 18 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<temp>, method=PLAIN, rip=207.150.178.12, lip=184.107.223.30: 2 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<test1>, method=PLAIN, rip=207.150.178.12, lip=184.107.223.30: 4 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<test>, method=PLAIN, rip=207.150.178.12, lip=184.107.223.30: 40 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<user>, method=PLAIN, rip=207.150.178.12, lip=184.107.223.30: 4 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<visitor>, method=PLAIN, rip=207.150.178.12, lip=184.107.223.30: 2 Time(s)
dovecot: pop3-login: Disconnected (auth failed, 1 attempts): user=<webmaster>, method=PLAIN, rip=207.150.178.12, lip=184.107.223.30: 2 Time(s)
---------------------- Dovecot End -------------------------
I would suggest using something like fail2ban to lock out malicious attempts to connect to your mail server (Dovecot)
thx for ur reply and i'll google "fail2ban" to see how can i benefit from it, but as i stated that i don't have enough experience and actually i don't know if he (based on the log) could log into the dovecot or still trying.
EDIT: i forget that i'm logging in from my other account.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
