spam

Unauthorized IMAP connection attempt

Port Scan

postfix (unknown user, SPF fail or relay access denied)

spam

Apr 15 11:20:37 dev0-dcde-rnet sshd[31557]: Failed password for root from 222.186.52.139 port 31503 ssh2
Apr 15 11:42:22 dev0-dcde-rnet sshd[31667]: Failed password for root from 222.186.52.139 port 16844 ssh2

[2020-04-15 05:20:53] NOTICE[1170][C-00000960] chan_sip.c: Call from '' (163.172.230.4:65293) to extension '99999999011972592277524' rejected because extension not found in context 'public'.
[2020-04-15 05:20:53] SECURITY[1184] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-04-15T05:20:53.107-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="99999999011972592277524",SessionID="0x7f6c080a4838",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.230.4/65293",ACLName="no_extension_match"
[2020-04-15 05:25:18] NOTICE[1170][C-00000966] chan_sip.c: Call from '' (163.172.230.4:52757) to extension '.972592277524' rejected because extension not found in context 'public'.
[2020-04-15 05:25:18] SECURITY[1184] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-04-15T05:25:18.673-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID=".972592277524",SessionID="0x7f6c08099cc8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddres
...

email spam

Apr 15 05:51:35 dev0-dcde-rnet sshd[27000]: Failed password for root from 50.236.62.30 port 58381 ssh2
Apr 15 06:01:51 dev0-dcde-rnet sshd[27090]: Failed password for root from 50.236.62.30 port 42436 ssh2

2020-04-15T11:10:28.820524vps773228.ovh.net sshd[9381]: Invalid user goverment from 103.4.217.139 port 59453
2020-04-15T11:10:28.841539vps773228.ovh.net sshd[9381]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.4.217.139
2020-04-15T11:10:28.820524vps773228.ovh.net sshd[9381]: Invalid user goverment from 103.4.217.139 port 59453
2020-04-15T11:10:30.917934vps773228.ovh.net sshd[9381]: Failed password for invalid user goverment from 103.4.217.139 port 59453 ssh2
2020-04-15T11:18:51.991058vps773228.ovh.net sshd[12416]: Invalid user wp from 103.4.217.139 port 35788
...

spam

(imapd) Failed IMAP login from 66.135.227.178 (US/United States/mail.dellew.com): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Apr 15 08:24:10 ir1 dovecot[566034]: imap-login: Disconnected (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=66.135.227.178, lip=5.63.12.44, TLS, session=

postfix (unknown user, SPF fail or relay access denied)

spam

[ 📨 ] From root@aruba1.sraorh.com Wed Apr 15 01:45:35 2020
Received: from aruba1.sraorh.com ([195.231.79.252]:57272)