Today i have found those logs on the EFA. those logs keeps showing up.
is somebody trying to brut force the EFA ? most of the IP i've checked them and found out they belong to AbustIPDB.Mar 27 02:39:31 filter postfix/smtpd[26541]: connect from unknown[91.234.99.215]
Mar 27 02:39:31 filter postfix/smtpd[26541]: warning: unknown[91.234.99.215]: SASL LOGIN authentication failed: authentication failure
Mar 27 02:39:31 filter postfix/smtpd[26541]: lost connection after AUTH from unknown[91.234.99.215]
Mar 27 02:39:31 filter postfix/smtpd[26541]: disconnect from unknown[91.234.99.215] ehlo=1 auth=0/1 commands=1/2
Mar 27 02:39:36 filter postfix/smtpd[26541]: connect from abelohost-23.200.221.185.dedicated-ip.abelons.com[185.221.200.23]
Mar 27 02:39:36 filter postfix/smtpd[26541]: warning: abelohost-23.200.221.185.dedicated-ip.abelons.com[185.221.200.23]: SASL LOGIN authentication failed: authentication failure
Mar 27 02:39:36 filter postfix/smtpd[26541]: disconnect from abelohost-23.200.221.185.dedicated-ip.abelons.com[185.221.200.23] ehlo=1 auth=0/1 quit=1 commands=2/3
Mar 27 02:42:56 filter postfix/anvil[26542]: statistics: max connection rate 1/60s for (smtp:91.234.99.215) at Mar 27 02:39:31
Mar 27 02:42:56 filter postfix/anvil[26542]: statistics: max connection count 1 for (smtp:91.234.99.215) at Mar 27 02:39:31