We have to be honest, logs are often an after thought to most developers. Many logs are pretty cryptic unless you can look at the code and see what is going on. In this section, we will share what we think of a specific log: - the cryptic ones, the fun ones and some of the ones we see more often.
May 20 23:56:19 mx1 postfix/smtps/smtpd[3425910]: warning: unknown[118.189.183.180]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
ID: postfix-sasl-failedlogin
For: Linux server running postfix - smtp server
Meaning: Postfix SASL login failed. Someone tried to authenticate via SMTPS from 118.189.183.180 (Singapore).
What to do: If you see many requests from the same IP, we recommend blocking it.