You will need to install fail2ban to ip block failed attempts. As you have correctly assumed, a malicious person is trying to hack into you mail server.
Fail2ban is a required application now and days. On April 2, 2019 8:57:06 AM GMT+02:00, James Brown <jlbr...@bordo.com.au> wrote: >Not sure if this is a Dovecot or Postfix issue we use Dovecot for >authentication for Postfix. Mailboxes are stored in MySQL. > >Have noticed this today: > >auth-worker(42777): Info: sql(cont...@com.au,127.0.0.1): unknown user >(given password: someone123) > >Also i...@com.au etc. > >They are coming through on port 465. > >Obviously my domain is not ‘com.au’ - how can I stop these attempts >from even being considered? > >I did update to Postfix 3.4.5 yesterday. Running Dovecot 2.3.5. > >Thanks, > >James. -- Sent from my Android device with K-9 Mail. Please excuse my brevity.
