Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1] 2
1
Other / Completely stuck not able to login to Admin after rest password
« on: February 28, 2025, 07:13:57 PM »
Dear Friends,
Some days before i upgraded my MariaDB from the moment I was not able to open Phpmyadmin it showing 404 Not Found. So search here and on post i saw rest the root password from the admin and everything will work . After reset root password now iam not able to login Admin panel. I DONT KNOW what to do so some body please help me. PLEASE
OS: AlmaLinux 9
Some days before i upgraded my MariaDB from the moment I was not able to open Phpmyadmin it showing 404 Not Found. So search here and on post i saw rest the root password from the admin and everything will work . After reset root password now iam not able to login Admin panel. I DONT KNOW what to do so some body please help me. PLEASE
OS: AlmaLinux 9
2
PHP / URGENT Database insert not working
« on: January 07, 2025, 02:36:51 AM »
Dear CWP team,
Recently I installed a new version of CWP on Distro Name: AlmaLinux release 9.5 (Teal Serval) with Apache version: Apache/2.4.62, PHP version: 7.4.33, MySQL version: 15.2 and Server version: 11.4.4-MariaDB - MariaDB Server. The database creation and import are working fine. But the issue is when we insert any data to database using any php form none of the data are not inserting to database. only the database INSERT Function are not working. I tried different way to post data using php form all are not working. To confirm the php code didn't have any issue I also check the code in other sever and it was working. But there it was working here it is not inserting to database. So please help It was very urgent
Recently I installed a new version of CWP on Distro Name: AlmaLinux release 9.5 (Teal Serval) with Apache version: Apache/2.4.62, PHP version: 7.4.33, MySQL version: 15.2 and Server version: 11.4.4-MariaDB - MariaDB Server. The database creation and import are working fine. But the issue is when we insert any data to database using any php form none of the data are not inserting to database. only the database INSERT Function are not working. I tried different way to post data using php form all are not working. To confirm the php code didn't have any issue I also check the code in other sever and it was working. But there it was working here it is not inserting to database. So please help It was very urgent
3
CSF Firewall / Unable to retrieve blocklist MAXMIND - Unable to download: Not Found
« on: May 27, 2024, 08:40:59 PM »
Hi, in my lfd log iam getting an error log line "Unable to retrieve blocklist MAXMIND - Unable to download: Not Found" because of above iam my server is getting lot of PORT scan from compute.amazonaws.com US location. can some one help me to resolve this issue.
Another thing is my server is getting lot of PORT SCAN from compute.amazonaws.com US Location but my firewall is blocking it but I have already added country code US but it was not working now. So please some one please help me
Another thing is my server is getting lot of PORT SCAN from compute.amazonaws.com US Location but my firewall is blocking it but I have already added country code US but it was not working now. So please some one please help me
4
Postfix / URGENT PLEASE HELP *UID Tracking* 6 blocks for UID 89 (postfix)
« on: November 23, 2023, 01:37:31 PM »
My server is under attack, I have tried many ways to block other attempts but I don't know how to block this *UID Tracking* 6 blocks for UID 89 (postfix) the fld.log didn't have much details. But in the email alert i found the attempt to postfix are from some IP range below is the details if some one can help how to block this will be helpfull, As incoming and outgoing emails are totally stuck now.
Email Log message :
1. on the same time of UID Tracking this log are also coming some time
2
Email Log message :
Code: [Select]
Sample of port hits:
Nov 23 19:02:38 cbwh kernel: Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=173.249.41.250 DST=64.233.166.27 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=63421 DF PROTO=TCP SPT=55748 DPT=25 WINDOW=29200 RES=0x00 SYN URGP=0 UID=89 GID=89
Nov 23 19:02:41 cbwh kernel: Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=173.249.41.250 DST=64.233.166.27 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=39843 DF PROTO=TCP SPT=55732 DPT=25 WINDOW=29200 RES=0x00 SYN URGP=0 UID=89 GID=89
Nov 23 19:02:45 cbwh kernel: Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=173.249.41.250 DST=64.233.166.27 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=63424 DF PROTO=TCP SPT=55748 DPT=25 WINDOW=29200 RES=0x00 SYN URGP=0 UID=89 GID=89
Nov 23 19:02:49 cbwh kernel: Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=173.249.41.250 DST=64.233.166.27 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=39844 DF PROTO=TCP SPT=55732 DPT=25 WINDOW=29200 RES=0x00 SYN URGP=0 UID=89 GID=89
Nov 23 19:02:49 cbwh kernel: Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=173.249.41.250 DST=64.233.166.27 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=1159 DF PROTO=TCP SPT=55734 DPT=25 WINDOW=29200 RES=0x00 SYN URGP=0 UID=89 GID=89
Nov 23 19:02:53 cbwh kernel: Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=173.249.41.250 DST=64.233.166.27 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=63425 DF PROTO=TCP SPT=55748 DPT=25 WINDOW=29200 RES=0x00 SYN URGP=0 UID=89 GID=891. on the same time of UID Tracking this log are also coming some time
Code: [Select]
Nov 23 18:15:17 cbwh lfd[21967]: (WPLOGIN) WP Login Attack 62.149.0.23 (UA/Ukraine/0-23.mcom2.cc.colocall.com): 10 in the last 3600 secs - *Blocked in csf* [LF_CUSTOMTRIGGER]2
Code: [Select]
Nov 23 18:00:14 cbwh lfd[19670]: *UID Tracking* 6 blocks for UID 89 (postfix)
Nov 23 18:00:29 cbwh lfd[19704]: *UID Tracking* 6 blocks for UID 89 (postfix)
Nov 23 18:00:39 cbwh lfd[19722]: *UID Tracking* 6 blocks for UID 89 (postfix)
Nov 23 18:00:54 cbwh lfd[19764]: *UID Tracking* 6 blocks for UID 89 (postfix)
Nov 23 18:01:09 cbwh lfd[19819]: *UID Tracking* 6 blocks for UID 89 (postfix)
Nov 23 18:02:04 cbwh lfd[20005]: *UID Tracking* 6 blocks for UID 89 (postfix)
Nov 23 18:02:34 cbwh lfd[20116]: *UID Tracking* 6 blocks for UID 89 (postfix)
Nov 23 18:03:09 cbwh lfd[20216]: *UID Tracking* 6 blocks for UID 89 (postfix)
Nov 23 18:04:45 cbwh lfd[20401]: *UID Tracking* 6 blocks for UID 89 (postfix)
Nov 23 18:05:30 cbwh lfd[20574]: *UID Tracking* 6 blocks for UID 89 (postfix)
Nov 23 18:07:30 cbwh lfd[20812]: *UID Tracking* 6 blocks for UID 89 (postfix)
Nov 23 18:08:05 cbwh lfd[20879]: *UID Tracking* 6 blocks for UID 89 (postfix)
Nov 23 18:08:35 cbwh lfd[20931]: *UID Tracking* 6 blocks for UID 89 (postfix)
Nov 23 18:09:31 cbwh lfd[21030]: *UID Tracking* 6 blocks for UID 89 (postfix)
5
CentOS 7 Problems / Can we delete File and folders under tmp Folder ?
« on: September 01, 2023, 07:58:55 PM »
Hi,
My server disk usage was increased recently no it was showing 87% So I don't know why it was like that I didn't have much website hosted under my server. I noticed there are many files under tmp Folder. In windows we mostly remove %temp% , Prefetch etc. So I need to know If there are folder or files which we can delete which will not effect our server or services. Please help me..
My server disk usage was increased recently no it was showing 87% So I don't know why it was like that I didn't have much website hosted under my server. I noticed there are many files under tmp Folder. In windows we mostly remove %temp% , Prefetch etc. So I need to know If there are folder or files which we can delete which will not effect our server or services. Please help me..
6
CentOS 7 Problems / Error 503 Backend fetch failed on all website hosted in our server
« on: July 01, 2023, 08:54:16 PM »
Hi,
Recently all website Hosted in my server are showing below error, its seems the error are because of Varnish Cache Serve.
I have tried many way to resolve this issue but nothing worked, Wordpress website are showing below error
Error 503 Backend fetch failed
Backend fetch failed
Guru Meditation:
XID: 262174
Varnish cache server
Other PHP websites are showing below error
Error 503 Backend fetch failed
Can some help me to resolve this issue, it will be helpful..
Recently all website Hosted in my server are showing below error, its seems the error are because of Varnish Cache Serve.
I have tried many way to resolve this issue but nothing worked, Wordpress website are showing below error
Error 503 Backend fetch failed
Backend fetch failed
Guru Meditation:
XID: 262174
Varnish cache server
Other PHP websites are showing below error
Error 503 Backend fetch failed
Can some help me to resolve this issue, it will be helpful..
7
CentOS 7 Problems / Laravel hosted user unable to send mail from ssh using php artisan
« on: February 08, 2023, 08:16:45 PM »
Hi,
One of my hosting user was unable to execute a command line in laravel through ssh.
command : php artisan make:mail TestEmail
while executing it getting this error message. " bash: php: command not found "
I have searched every where but didn't know how to resolve it ..
One of my hosting user was unable to execute a command line in laravel through ssh.
command : php artisan make:mail TestEmail
while executing it getting this error message. " bash: php: command not found "
I have searched every where but didn't know how to resolve it ..
8
CentOS 7 Problems / Warning: mail(): Multiple or malformed newlines found in additional_header in
« on: December 17, 2022, 08:45:04 PM »getting a error message while sending an from mail_queue, any one can help me ?
error message
Warning: mail(): Multiple or malformed newlines found in additional_header in mail_queue/usr/local/cwpsrv/htdocs/resources/admin/modules/mail_queue.php
9
CentOS 7 Problems / Host or domain name not found. type=MX: Host not found, try again
« on: November 28, 2022, 04:52:24 PM »
From the past three weeks iam some of the email send from domain names are still in the Postfix Mail Queue
when we try to Process the Queue still it will be gone to deferred list. I found those domains are using google Gsuite (Google work space) all the dns of these domain name's are correct and successfully fetching in mx tool box and google dig tools. If any body have any idea of this issue please help me asap other wise i will loose some customers.
Error message :
(Host or domain name not found. Name service error for name=abcd.com type=MX: Host not found, try again)
when we try to Process the Queue still it will be gone to deferred list. I found those domains are using google Gsuite (Google work space) all the dns of these domain name's are correct and successfully fetching in mx tool box and google dig tools. If any body have any idea of this issue please help me asap other wise i will loose some customers.
Error message :
(Host or domain name not found. Name service error for name=abcd.com type=MX: Host not found, try again)
10
E-Mail / Mail sending Issue : connect to alt1.aspmx.l.google.com: Network is unreachable
« on: June 08, 2022, 10:46:09 PM »
Hi,
From today none of the email are sending out to gmail. Past days i was able to receive Firewall logs mail (LFD) but now i can see more than 50 emails are in Mail Queue. Did any one have similar issue or any idea why it was not sending default and automatic emails out from server.
Please help URGENT..
From today none of the email are sending out to gmail. Past days i was able to receive Firewall logs mail (LFD) but now i can see more than 50 emails are in Mail Queue. Did any one have similar issue or any idea why it was not sending default and automatic emails out from server.
Please help URGENT..
11
CentOS 7 Problems / ALL WEBSITES ARE DOWN
« on: February 02, 2022, 05:53:37 PM »
Yesterday all website are working fine, today evening everything gone down, we don't know what happened.
OUR SSH is off and we can only login to ssh through VNC. when executing a command we also getting an error message
Unable to register authentication agent: GDBus.Error:org.freedesktop.PolicyKit1.... etc. any one have similar issue did you
have any solutions
OUR SSH is off and we can only login to ssh through VNC. when executing a command we also getting an error message
Unable to register authentication agent: GDBus.Error:org.freedesktop.PolicyKit1.... etc. any one have similar issue did you
have any solutions
12
SSL / Letsencrypt SSL Certificate issue in Hosted domain names
« on: October 02, 2021, 08:46:11 PM »
" Connection not protected "
From 1st October 2021 all our hosted domain names in the server are showing Connection not protected error message. We tried to renew some ssl from the CWP pro panel but it was not renewing at all. Any one have the same issue or can you suggest me a resolution for this issue.
See the screenshot : https://image.prntscr.com/image/jtM5z9SaQL-zfClNhtyTaA.png
From 1st October 2021 all our hosted domain names in the server are showing Connection not protected error message. We tried to renew some ssl from the CWP pro panel but it was not renewing at all. Any one have the same issue or can you suggest me a resolution for this issue.
See the screenshot : https://image.prntscr.com/image/jtM5z9SaQL-zfClNhtyTaA.png
13
E-Mail / Email accounts are using more than allocated Disk space for email account
« on: June 25, 2021, 10:59:37 AM »
After the recent update some email account users email usage is showing more than allocated space, It was an big BUG in CWP.
it was our experience and those customers are not able to attach file to their email because of this bug. Screen shot added below let me know if any one can help on this . Continuous Bug in CPW making us to move back to CPanel
After recent update on CWP the email account usage are showing out of allowed space for each account, there was issue in CWP and it is a BUG. how these email users can use more than allow space for their email usage ? IF CWP is working fine this will not happen so below person always say there was no issue in CWP from our expreience CWP always have BUGS and it was not resolved or sorted yet.
http://prntscr.com/16puu6e
it was our experience and those customers are not able to attach file to their email because of this bug. Screen shot added below let me know if any one can help on this . Continuous Bug in CPW making us to move back to CPanel
After recent update on CWP the email account usage are showing out of allowed space for each account, there was issue in CWP and it is a BUG. how these email users can use more than allow space for their email usage ? IF CWP is working fine this will not happen so below person always say there was no issue in CWP from our expreience CWP always have BUGS and it was not resolved or sorted yet.
http://prntscr.com/16puu6e
14
CSF Firewall / Targeted attack on pop3d, SSH, IMAP, PORTS more than 500 IP are blocking a day
« on: May 16, 2021, 12:08:39 PM »
From the past 4-5 days my server was targeted by hacker, with in one to three second difference my LFD is alerting us message like below. In a day we are getting more than 500 pop3 login failed attempt from different IP address and different country.
So we stopped the Dovecot IMAP/POP3 Server service for a day but it will not given any resolution when ever we turn on the service attempt start again.
Any one have any solution to protect the server ?
Log entries:
May 16 17:15:59 pop3-login: Info: Disconnected (auth failed, 1 attempts in 2 secs): user=<info@hosteddomain.com>, method=PLAIN, rip=5.95.195.241, lip= ip removed, session=<Y6QyBXHCFcEFX8Px>
May 16 17:15:37 pop3-login: Info: Disconnected (auth failed, 1 attempts in 2 secs): user=<info@hosteddomain.in>, method=PLAIN, rip=83.110.207.34, lip=ip removed, session=<4f/kA3HCd+BTbs8i>
May 16 17:15:07 pop3-login: Info: Disconnected (auth failed, 1 attempts in 2 secs): user=<info@hosteddomain.com>, method=PLAIN, rip=157.32.0.107, lip=ip removed, session=<JMMXAnHCo9+dIABr>
etc.... see the screen shot for more logs
So we stopped the Dovecot IMAP/POP3 Server service for a day but it will not given any resolution when ever we turn on the service attempt start again.
Any one have any solution to protect the server ?
Log entries:
May 16 17:15:59 pop3-login: Info: Disconnected (auth failed, 1 attempts in 2 secs): user=<info@hosteddomain.com>, method=PLAIN, rip=5.95.195.241, lip= ip removed, session=<Y6QyBXHCFcEFX8Px>
May 16 17:15:37 pop3-login: Info: Disconnected (auth failed, 1 attempts in 2 secs): user=<info@hosteddomain.in>, method=PLAIN, rip=83.110.207.34, lip=ip removed, session=<4f/kA3HCd+BTbs8i>
May 16 17:15:07 pop3-login: Info: Disconnected (auth failed, 1 attempts in 2 secs): user=<info@hosteddomain.com>, method=PLAIN, rip=157.32.0.107, lip=ip removed, session=<JMMXAnHCo9+dIABr>
etc.... see the screen shot for more logs
15
E-Mail / LOT OF HACKING ATTEMPT LF_SMTPAUTH SASL LOGIN authentication failed
« on: June 10, 2020, 04:15:10 PM »
Dear CWP,
Getting lot of attack from the past month itself, all attempt are from different county some of them are from the same country and we have blocked some country in the CC_DENY (CN,RU,BG,RU,BR,TR,LT,NL,TR,RO,IE,US) But some of our customers from CC_DENY list was not able to access their website. In the past month these attack was very less but in past day in was increased. As it was not possible to block all country's but you may need to tell us or implement an solution to block these type of attack on SMTP. Below i have added some of them with details please go through it and tell us an solution. Also we are not able to find out which user account they where trying to login ?
Latest:
Time: Wed Jun 10 19:28:38 2020 +0530
IP: 193.56.28.176 (GB/United Kingdom/-)
Failures: 3 (smtpauth)
Interval: 3600 seconds
Blocked: Permanent Block [LF_SMTPAUTH]
Log entries:
Jun 10 19:28:10 cbwh postfix/smtpd[26746]: warning: unknown[193.56.28.176]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 10 19:28:23 cbwh postfix/smtpd[26746]: warning: unknown[193.56.28.176]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 10 19:28:38 cbwh postfix/smtpd[26746]: warning: unknown[193.56.28.176]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Other
Jun 10 18:23:02 cbwh postfix/smtpd[21826]: warning: gw70.coldimport.com.pe[209.45.62.70]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 10 18:23:02 cbwh postfix/smtpd[21826]: warning: gw70.coldimport.com.pe[209.45.62.70]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 10 18:23:02 cbwh postfix/smtpd[21826]: warning: gw70.coldimport.com.pe[209.45.62.70]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 10 12:50:00 cbwh postfix/smtpd[14837]: warning: unknown[141.98.80.152]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 10 09:06:22 cbwh postfix/smtpd[17322]: warning: unknown[59.55.36.129]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 10 12:29:46 cbwh postfix/smtpd[12248]: warning: unknown[37.49.230.7]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 10 12:29:46 cbwh postfix/smtpd[12248]: warning: unknown[37.49.230.7]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 9 18:31:19 cbwh postfix/smtpd[28740]: warning: unknown[5.249.164.2]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 9 13:21:14 cbwh postfix/smtpd[27667]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Continuous Attack with different IP
Failures: 6 (smtpauth)
Interval: 3600 seconds
Blocked: Permanent Block [LF_SMTPAUTH]
Jun 8 23:07:43 cbwh postfix/smtpd[4946]: warning: unknown[46.38.145.247]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 8 23:08:01 cbwh postfix/smtpd[3963]: warning: unknown[46.38.145.251]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 8 23:06:20 cbwh postfix/smtpd[4946]: warning: unknown[46.38.145.252]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 8 23:04:20 cbwh postfix/smtpd[3963]: warning: unknown[46.38.145.253]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 8 23:04:20 cbwh postfix/smtpd[3963]: warning: unknown[46.38.145.253]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 8 22:57:40 cbwh postfix/smtpd[3963]: warning: unknown[46.38.145.6]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 8 22:57:44 cbwh postfix/smtpd[4558]: warning: unknown[46.38.145.249]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 8 22:56:48 cbwh postfix/smtpd[4558]: warning: unknown[46.38.145.248]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 8 22:51:43 cbwh postfix/smtpd[3963]: warning: unknown[46.38.145.4]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 8 22:50:24 cbwh postfix/smtpd[3963]: warning: unknown[46.38.145.5]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Getting lot of attack from the past month itself, all attempt are from different county some of them are from the same country and we have blocked some country in the CC_DENY (CN,RU,BG,RU,BR,TR,LT,NL,TR,RO,IE,US) But some of our customers from CC_DENY list was not able to access their website. In the past month these attack was very less but in past day in was increased. As it was not possible to block all country's but you may need to tell us or implement an solution to block these type of attack on SMTP. Below i have added some of them with details please go through it and tell us an solution. Also we are not able to find out which user account they where trying to login ?
Latest:
Time: Wed Jun 10 19:28:38 2020 +0530
IP: 193.56.28.176 (GB/United Kingdom/-)
Failures: 3 (smtpauth)
Interval: 3600 seconds
Blocked: Permanent Block [LF_SMTPAUTH]
Log entries:
Jun 10 19:28:10 cbwh postfix/smtpd[26746]: warning: unknown[193.56.28.176]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 10 19:28:23 cbwh postfix/smtpd[26746]: warning: unknown[193.56.28.176]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 10 19:28:38 cbwh postfix/smtpd[26746]: warning: unknown[193.56.28.176]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Other
Jun 10 18:23:02 cbwh postfix/smtpd[21826]: warning: gw70.coldimport.com.pe[209.45.62.70]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 10 18:23:02 cbwh postfix/smtpd[21826]: warning: gw70.coldimport.com.pe[209.45.62.70]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 10 18:23:02 cbwh postfix/smtpd[21826]: warning: gw70.coldimport.com.pe[209.45.62.70]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 10 12:50:00 cbwh postfix/smtpd[14837]: warning: unknown[141.98.80.152]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 10 09:06:22 cbwh postfix/smtpd[17322]: warning: unknown[59.55.36.129]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 10 12:29:46 cbwh postfix/smtpd[12248]: warning: unknown[37.49.230.7]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 10 12:29:46 cbwh postfix/smtpd[12248]: warning: unknown[37.49.230.7]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 9 18:31:19 cbwh postfix/smtpd[28740]: warning: unknown[5.249.164.2]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 9 13:21:14 cbwh postfix/smtpd[27667]: warning: unknown[103.139.44.210]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Continuous Attack with different IP
Failures: 6 (smtpauth)
Interval: 3600 seconds
Blocked: Permanent Block [LF_SMTPAUTH]
Jun 8 23:07:43 cbwh postfix/smtpd[4946]: warning: unknown[46.38.145.247]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 8 23:08:01 cbwh postfix/smtpd[3963]: warning: unknown[46.38.145.251]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 8 23:06:20 cbwh postfix/smtpd[4946]: warning: unknown[46.38.145.252]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 8 23:04:20 cbwh postfix/smtpd[3963]: warning: unknown[46.38.145.253]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 8 23:04:20 cbwh postfix/smtpd[3963]: warning: unknown[46.38.145.253]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 8 22:57:40 cbwh postfix/smtpd[3963]: warning: unknown[46.38.145.6]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 8 22:57:44 cbwh postfix/smtpd[4558]: warning: unknown[46.38.145.249]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 8 22:56:48 cbwh postfix/smtpd[4558]: warning: unknown[46.38.145.248]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 8 22:51:43 cbwh postfix/smtpd[3963]: warning: unknown[46.38.145.4]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jun 8 22:50:24 cbwh postfix/smtpd[3963]: warning: unknown[46.38.145.5]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Pages: [1] 2
