Jun 27 12:03:27 bubba dovecot: auth:
ldap(someu...@mydomain.com,127.0.0.1): invalid credentials
The only other thing I can think of - Postfix runs on this server and
uses Dovecot SASL. Is it possible the Dovecot auth log line is caused
by a Postfix connection attempt?
That would have been my
On 6/27/2017 1:33 AM, Daniel Miller wrote:
On 6/27/2017 12:42 AM, Fabian Schmidt wrote:
Am 26.06.17 schrieb Daniel Miller:
On 2017-06-23 15:09, Marcus Rueckert wrote:
On Fri, 23 Jun 2017 11:38:28 -0700
Daniel Miller wrote:
While auditing my logs after an account was compromised, I see a
n
On 6/27/2017 12:42 AM, Fabian Schmidt wrote:
Am 26.06.17 schrieb Daniel Miller:
On 2017-06-23 15:09, Marcus Rueckert wrote:
On Fri, 23 Jun 2017 11:38:28 -0700
Daniel Miller wrote:
While auditing my logs after an account was compromised, I see a
number of entries like:
Jun 23 11:32:18 bubb
Am 26.06.17 schrieb Daniel Miller:
On 2017-06-23 15:09, Marcus Rueckert wrote:
On Fri, 23 Jun 2017 11:38:28 -0700
Daniel Miller wrote:
While auditing my logs after an account was compromised, I see a
number of entries like:
Jun 23 11:32:18 bubba dovecot: auth:
ldap("one-of-my-accounts",127
On 2017-06-23 15:09, Marcus Rueckert wrote:
On Fri, 23 Jun 2017 11:38:28 -0700
Daniel Miller wrote:
While auditing my logs after an account was compromised, I see a
number of entries like:
Jun 23 11:32:18 bubba dovecot: auth:
ldap("one-of-my-accounts",127.0.0.1): invalid credentials
webmail
On Fri, 23 Jun 2017 11:38:28 -0700
Daniel Miller wrote:
> While auditing my logs after an account was compromised, I see a
> number of entries like:
>
> Jun 23 11:32:18 bubba dovecot: auth:
> ldap("one-of-my-accounts",127.0.0.1): invalid credentials
webmail?
--
openSUSE - SUSE Lin
While auditing my logs after an account was compromised, I see a number
of entries like:
Jun 23 11:32:18 bubba dovecot: auth:
ldap("one-of-my-accounts",127.0.0.1): invalid credentials
I'm trying to figure out where this login attempt is coming from. I do
run ASSP (an SMTP proxy) on this ser
