What is this log?

We have to be honest, logs are often an after thought to most developers. Many logs are pretty cryptic unless you can look at the code and see what is going on. In this section, we will share what we think of a specific log: - the cryptic ones, the fun ones and some of the ones we see more often.

Log: postfix-sasl-failedlogin

May 20 23:56:19 mx1 postfix/smtps/smtpd[3425910]: warning: unknown[]: SASL LOGIN authentication failed: UGFzc3dvcmQ6

ID:  postfix-sasl-failedlogin
For: Linux server running postfix - smtp server

Meaning: Postfix SASL login failed. Someone tried to authenticate via SMTPS from (Singapore).

What to do: If you see many requests from the same IP, we recommend blocking it.

Simple, affordable, log management and analysis.