15:06:49 vonwallace saslauthd[767]: pam_unix(imap:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=contact
Oct 5 15:06:50 vonwallace saslauthd[765]: pam_unix(imap:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=postmaster
Oct 5 15:06:50 vonwallace saslauthd[764]: pam_unix(imap:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=vonwallace
Oct 5 15:06:51 vonwallace saslauthd[767]: pam_unix(imap:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=contact
Oct 5 15:06:51 vonwallace saslauthd[765]: pam_unix(imap:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=vonwallace
Oct 5 15:06:51 vonwallace saslauthd[767]: pam_unix(imap:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=postmaster
Oct 5 15:06:51 vonwallace saslauthd[766]: pam_unix(imap:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=contact
Oct 5 15:06:51 vonwallace saslauthd[765]: pam_unix(imap:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=postmaster
Oct 5 15:06:51 vonwallace saslauthd[767]: pam_unix(imap:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=vonwallace
Oct 5 15:22:36 vonwallace saslauthd[768]: pam_unix(imap:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=clearos-imap-admin
Oct 5 15:22:36 vonwallace saslauthd[768]: pam_succeed_if(imap:auth): requirement "uid >= 1000" not met by user "clearos-imap-admin"
Oct 5 15:22:42 vonwallace saslauthd[764]: pam_unix(imap:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=clearos-imap-admin
Oct 5 15:22:42 vonwallace saslauthd[764]: pam_succeed_if(imap:auth): requirement "uid >= 1000" not met by user "clearos-imap-admin"
Oct 5 15:06:50 vonwallace saslauthd[765]: pam_unix(imap:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=postmaster
Oct 5 15:06:50 vonwallace saslauthd[764]: pam_unix(imap:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=vonwallace
Oct 5 15:06:51 vonwallace saslauthd[767]: pam_unix(imap:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=contact
Oct 5 15:06:51 vonwallace saslauthd[765]: pam_unix(imap:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=vonwallace
Oct 5 15:06:51 vonwallace saslauthd[767]: pam_unix(imap:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=postmaster
Oct 5 15:06:51 vonwallace saslauthd[766]: pam_unix(imap:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=contact
Oct 5 15:06:51 vonwallace saslauthd[765]: pam_unix(imap:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=postmaster
Oct 5 15:06:51 vonwallace saslauthd[767]: pam_unix(imap:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=vonwallace
Oct 5 15:22:36 vonwallace saslauthd[768]: pam_unix(imap:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=clearos-imap-admin
Oct 5 15:22:36 vonwallace saslauthd[768]: pam_succeed_if(imap:auth): requirement "uid >= 1000" not met by user "clearos-imap-admin"
Oct 5 15:22:42 vonwallace saslauthd[764]: pam_unix(imap:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=clearos-imap-admin
Oct 5 15:22:42 vonwallace saslauthd[764]: pam_succeed_if(imap:auth): requirement "uid >= 1000" not met by user "clearos-imap-admin"
Share this post:
Responses (1)
-
Accepted Answer
If those are invalid users someone is trying to crack imap passwords. Situation normal. It is worse with SMTP. Do you have the attack detector installed? Cross-check it with the maillog to see if the attempts are external. The Attack Detector app may be able to cut them down.
If they are genuine users , please see this thread.
Please login to post a reply
You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.
Register Here »