• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 216
  • Last Modified:

SASL LOGIN authentication failed: authentication failure

Hi

I am running CentOS and several times see "SASL LOGIN authentication failed: authentication failure". Seems someone is trying to logon to my mail server illegally.

I have installed fail2ban to block such cases automatically. But I want to test that by simulating this situation. I created an account in my thunderbird mail client and provided wrong credentials to my server but this doesn't generate anything in my server's maillog.

Can someone please suggest me how can I produce "SASL LOGIN authentication failed: authentication failure" ?
0
sysautomation
Asked:
sysautomation
1 Solution
 
Tomas Helgi JohannssonCommented:
Hi!

You will need to look into the conf files for fail2ban to seem what IP addresses are ignored (localhost is by default ignored).
Make sure that your LAN IP address range is not ignored (except one IP address that you can use to safely log into your server) and then test  (using a simple telnet command http://www.anta.net/misc/telnet-troubleshooting/smtp.shtml ) from your LAN (other than your safe IP).
https://www.digitalocean.com/community/tutorials/how-to-protect-ssh-with-fail2ban-on-centos-7
Just make sure you don't lock yourself out completely. ;)

Regards,
     Tomas Helgi
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now