So I have set up my own mail server 🙃 🙂. What an achievement for me 😆😅 And it was working fine till recently. It becomes really, really slow. And I checked the log and found out this. What could I do and what’s the purpose of this? Is it a brute force attack? All these ips are owned by the same person/group?? Any help or pointers will be deeply appreciated
Yeah that looks a lot like the typical bruteforce attempts from the evil lands of the internet. Fail2ban did the trick for me. Logs are clean now
A quick search for one of the IPs shows this: https://www.abuseipdb.com/check/46.148.40.161
So yes, it’s most likely an attack.
If there’s one thing I’ve learned over the years about self-hosting it’s that I’ll happily pay to not have to deal with email hosting.
The only “self-hosting” I do for email is to download my own local archive for storage.
It’s not a big deal to me and I’d rather have control over the services and, more importantly, the data. And my rented server is cheap.