Question Plesk Obsidian 18.0.65 Update 2 imap-login: Disconnected: Connection closed (auth failed

[Compy]

Server operating system version

Ubuntu 22.04.5

Plesk version and microupdate number

18.0.65 Update #2

After last update our email log is filled with imap connections to all info addresses on all domains located on the same server. These are not used.

But as several have asked before, there is still no possibility to see from which ip this is coming from.Could it be a security gap after the update?

imap-login: Disconnected: Connection closed (auth failed, 1 attempts in 2 secs): user=<info@*********>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured, session=<*************>

 

[Kaspar]

[...] But as several have asked before, there is still no possibility to see from which ip this is coming from. [...]

It does show the IP from which the login request got made. It's a request from 127.0.0.1, which means it a local connection.

It's explained pretty well by user Monty in the other thread you replied to.

 

[Compy]

It does show the IP from which the login request got made. It's a request from 127.0.0.1, which means it a local connection.

It's explained pretty well by user Monty in the other thread you replied to.

It was never explained how to solve the problem to the users. And the logs that appear there no longer exist or still lack the real ip address.
Can we try to resolve this issue once and for all.

 

[Compy]

So after some digging. Plesk fail to ban postfix has stopped blocking IMAP authentication errors on port 143 after the latest Plesk update. It is logged, but the abuser is free to perform brute force.