Logging unsuccessful completion of SMTP-authentication (Sendmail)

M

mrrc

After transferring mail servers from Freebsd 8.2\Sendmail 8.14.6 and FreeBSD 11.1\Sendmail 8.15.1 to the current FreeBSD 13.2\Sendmail 8.17.1 i noticed a large number of entries in /var/log/maillog of the following type:

...
Jan 13 18:44:38 sm-mta[11029]: 40DFiXAC011029: AUTH failure (CRAM-MD5): user not found (-20) SASL(-13): user not found: user: sed@mydomain.com property: cmusaslsecretCRAM-MD5 not found in sasldb /usr/local/etc/sasldb2, user=sed, relay=[121.162.147.204]
Jan 13 18:44:40 sm-mta[11029]: 40DFiXAC011029: [121.162.147.204] did not issue MAIL/EXPN/VRFY/ETRN during connection to MSA

Jan 13 18:44:53 sm-mta[11038]: 40DFioDX011038: AUTH failure (CRAM-MD5): user not found (-20) SASL(-13): user not found: user: usenet@mydomain.com property: cmusaslsecretCRAM-MD5 not found in sasldb /usr/local/etc/sasldb2, user=usenet@mydomain.com, relay=[216.126.65.186]
Jan 13 18:44:54 sm-mta[11038]: 40DFioDX011038: [216.126.65.186] did not issue MAIL/EXPN/VRFY/ETRN during connection to MSA
...
Click to expand...

I maintain a separate database of users (/usr/local/etc/sasldb2) who require SMTP authentication, other users are granted access via /ets/mail/access.

I understand that unsuccessful attempts to pass authentication are logged, but these records greatly interfere with the analysis of sending/receiving normal messages and the operation of the mail service.
Can I get rid of these log entries?
Thank you.
 
We tried to set fail2ban against smtp attempts and set up connections with Sendmail?
 
You must log in or register to reply here.
Back
Top