This isn't really debian-specific, but I don't know a better place to ask... recently, I've been having servers make a large number of attempts to access my mail host using what appear to be random strings as usernames -- it looks like this:
Apr 4 03:04:30 snowball saslauthd[1179]: pam_unix(:auth): check pass; user unknown Apr 4 03:04:30 snowball saslauthd[1179]: pam_unix(:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= Apr 4 03:04:33 snowball saslauthd[1179]: : auth failure: [user=1b391vovbh....@pfeifferfamily.net] [service=] [realm=] [mech=pam] [reason=PAM auth error] They all have the same form: <something random>.f...@pfeifferfamily.net I'm trying to understand the point; it's not like there's any chance any of those usernames will be valid. This isn't they usual attempts using usernames like root, admin, test1, scan... those I understand. So, anybody have any ideas what's up here?
