Good morning all,
First thing thank you all for your help and your answers.
I have asked my ISP to change my own IP I am waiting for the answer, but it is a fixed IP so I don’t know if they will be able to change it.
In fact I just changed the IP on this server, I only changed the IPs at Gandi.
And it was working, and now I can receive but the mail remains in the queue on the server.
I installed this server several years ago, with the help (great help) of Michel André, who is always there every time, he knows the installation well.
I am ready to change some configs on the server if needed.
var/log/message
Aug 11 05:51:52 fred rsyslogd: [origin software=“rsyslogd” swVersion=“8.24.0-34.el7” x-pid=“21168” x-info=“http://www.rsyslog.com”] rsyslogd was HUPed
Aug 11 05:51:54 fred esmith::event[12296]: Event: nethserver-alerts-save
Aug 11 05:51:54 fred esmith::event[12296]: Action: /etc/e-smith/events/nethserver-alerts-save/S02nethserver-alerts-update-alertsdb SUCCESS [0.165354]
Aug 11 05:51:54 fred esmith::event[12296]: expanding /etc/collectd.d/filter.conf
Aug 11 05:51:54 fred esmith::event[12296]: expanding /etc/collectd.d/ping.conf
Aug 11 05:51:55 fred esmith::event[12296]: expanding /etc/collectd.d/threshold.conf
Aug 11 05:51:55 fred esmith::event[12296]: Action: /etc/e-smith/events/actions/generic_template_expand SUCCESS [0.168615]
Aug 11 05:51:55 fred systemd: Reloading.
Aug 11 05:51:55 fred esmith::event[12296]: [INFO] service collectd restart
Aug 11 05:51:55 fred collectd[11947]: Exiting normally.
Aug 11 05:51:55 fred collectd[11947]: collectd: Stopping 5 read threads.
Aug 11 05:51:55 fred systemd: Stopping Collectd statistics daemon…
Aug 11 05:51:55 fred collectd[11947]: collectd: Stopping 5 write threads.
Aug 11 05:51:55 fred collectd[11947]: rrdtool plugin: Shutting down the queue thread. This may take a while.
Aug 11 05:51:55 fred collectd[11947]: ping plugin: Shutting down thread.
Aug 11 05:51:55 fred systemd: Stopped Collectd statistics daemon.
Aug 11 05:51:55 fred systemd: Starting Collectd statistics daemon…
Aug 11 05:51:55 fred collectd[12332]: plugin_load: plugin “syslog” successfully loaded.
Aug 11 05:51:55 fred collectd[12332]: plugin_load: plugin “rrdtool” successfully loaded.
Aug 11 05:51:55 fred collectd[12332]: plugin_load: plugin “cpu” successfully loaded.
Aug 11 05:51:55 fred collectd[12332]: plugin_load: plugin “processes” successfully loaded.
Aug 11 05:51:55 fred collectd[12332]: plugin_load: plugin “uptime” successfully loaded.
Aug 11 05:51:55 fred collectd[12332]: plugin_load: plugin “match_regex” successfully loaded.
Aug 11 05:51:55 fred collectd[12332]: plugin_load: plugin “md” successfully loaded.
Aug 11 05:51:55 fred collectd[12332]: plugin_load: plugin “load” successfully loaded.
Aug 11 05:51:55 fred collectd[12332]: plugin_load: plugin “df” successfully loaded.
Aug 11 05:51:55 fred collectd[12332]: plugin_load: plugin “memory” successfully loaded.
Aug 11 05:51:55 fred collectd[12332]: plugin_load: plugin “swap” successfully loaded.
Aug 11 05:51:55 fred collectd[12332]: plugin_load: plugin “interface” successfully loaded.
Aug 11 05:51:55 fred collectd[12332]: plugin_load: plugin “disk” successfully loaded.
Aug 11 05:51:55 fred collectd[12332]: plugin_load: plugin “ping” successfully loaded.
Aug 11 05:51:55 fred collectd[12332]: ping plugin: MaxMissed < 0, disabled re-resolving of hosts
Aug 11 05:51:55 fred collectd[12332]: plugin_load: plugin “python” successfully loaded.
Aug 11 05:51:55 fred collectd[12332]: plugin_load: plugin “threshold” successfully loaded.
Aug 11 05:51:55 fred collectd[12332]: plugin_load: plugin “unixsock” successfully loaded.
Aug 11 05:51:55 fred collectd[12332]: Systemd detected, trying to signal readyness.
Aug 11 05:51:55 fred systemd: Started Collectd statistics daemon.
Aug 11 05:51:55 fred collectd[12332]: Initialization complete, entering read-loop.
Aug 11 05:51:55 fred esmith::event[12296]: Action: /etc/e-smith/events/actions/adjust-services SUCCESS [0.379472]
Aug 11 05:51:55 fred esmith::event[12296]: Event: nethserver-alerts-save SUCCESS
Aug 11 05:51:57 fred systemd: Removed slice User Slice of root.
Aug 11 05:55:52 fred sshd[12675]: Connection closed by 114.55.124.195 port 45308 [preauth]
Aug 11 05:55:53 fred sshd[12678]: Connection closed by 92.222.1.40 port 34562 [preauth]
Aug 11 05:55:54 fred sshd[12682]: Connection closed by 80.59.98.30 port 59767 [preauth]
Aug 11 05:55:59 fred sshd[12687]: Connection closed by 221.125.235.4 port 59930 [preauth]
Aug 11 05:56:01 fred sshd[12691]: Connection closed by 45.119.53.58 port 43592 [preauth]
Aug 11 05:56:01 fred sshd[12693]: Connection closed by 207.46.132.127 port 1336 [preauth]
Aug 11 05:56:01 fred sshd[12692]: Connection closed by 49.212.155.173 port 47110 [preauth]
Aug 11 06:00:01 fred systemd: Created slice User Slice of root.
Aug 11 06:00:01 fred systemd: Started Session 7455 of user root.
Aug 11 06:01:01 fred systemd: Started Session 7456 of user root.
Aug 11 06:01:37 fred sshd[13031]: Invalid user webmaster from 188.166.216.84 port 51774
Aug 11 06:01:37 fred sshd[13031]: input_userauth_request: invalid user webmaster [preauth]
Aug 11 06:01:39 fred sshd[13031]: Failed password for invalid user webmaster from 188.166.216.84 port 51774 ssh2
Aug 11 06:01:39 fred sshd[13031]: Received disconnect from 188.166.216.84 port 51774:11: Normal Shutdown, Thank you for playing [preauth]
Aug 11 06:01:39 fred sshd[13031]: Disconnected from 188.166.216.84 port 51774 [preauth]
Aug 11 06:04:18 fred freshclam[13197]: ClamAV update process started at Sun Aug 11 06:04:18 2019
Aug 11 06:04:18 fred freshclam[13197]: Your ClamAV installation is OUTDATED!
Aug 11 06:04:18 fred freshclam[13197]: Local version: 0.101.2 Recommended version: 0.101.3
Aug 11 06:04:18 fred freshclam[13197]: DON’T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
Aug 11 06:04:18 fred freshclam[13197]: main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
Aug 11 06:04:18 fred freshclam[13197]: daily.cld is up to date (version: 25537, sigs: 1708323, f-level: 63, builder: raynman)
Aug 11 06:04:18 fred freshclam[13197]: bytecode.cld is up to date (version: 330, sigs: 94, f-level: 63, builder: neo)
Aug 11 06:04:18 fred systemd: Removed slice User Slice of root.
Aug 11 06:14:01 fred systemd: Created slice User Slice of root.
Aug 11 06:14:01 fred systemd: Started Session 7457 of user root.
Aug 11 06:16:01 fred sshd[13998]: Connection closed by 39.105.208.39 port 40232 [preauth]
Aug 11 06:19:49 fred systemd: Removed slice User Slice of root.
Aug 11 06:37:55 fred sshd[15372]: Invalid user jboss from 115.42.181.170 port 33740
Aug 11 06:37:55 fred sshd[15372]: input_userauth_request: invalid user jboss [preauth]
Aug 11 06:37:57 fred sshd[15372]: Failed password for invalid user jboss from 115.42.181.170 port 33740 ssh2
Aug 11 06:37:57 fred sshd[15372]: Received disconnect from 115.42.181.170 port 33740:11: Normal Shutdown, Thank you for playing [preauth]
Aug 11 06:37:57 fred sshd[15372]: Disconnected from 115.42.181.170 port 33740 [preauth]
Aug 11 06:40:14 fred sshd[15492]: Connection closed by 116.213.107.8 port 47378 [preauth]
Aug 11 06:52:51 fred sshd[16215]: Invalid user testuser from 59.124.155.22 port 45918
Aug 11 06:52:51 fred sshd[16215]: input_userauth_request: invalid user testuser [preauth]
Aug 11 06:52:53 fred sshd[16215]: Failed password for invalid user testuser from 59.124.155.22 port 45918 ssh2
Aug 11 06:52:53 fred sshd[16215]: Received disconnect from 59.124.155.22 port 45918:11: Normal Shutdown, Thank you for playing [preauth]
Aug 11 06:52:53 fred sshd[16215]: Disconnected from 59.124.155.22 port 45918 [preauth]
Aug 11 06:57:24 fred sshd[16447]: Connection closed by 112.65.170.186 port 33694 [preauth]
Aug 11 07:01:01 fred systemd: Created slice User Slice of root.
Aug 11 07:01:01 fred systemd: Started Session 7458 of user root.
Aug 11 07:01:01 fred systemd: Removed slice User Slice of root.
Aug 11 07:01:16 fred sshd[16700]: Connection closed by 80.59.98.30 port 46390 [preauth]
Aug 11 07:01:16 fred sshd[16702]: Connection closed by 92.222.1.40 port 50236 [preauth]
Aug 11 07:01:23 fred sshd[16709]: Connection closed by 49.212.155.173 port 60446 [preauth]
Aug 11 07:01:23 fred sshd[16712]: Connection closed by 45.119.53.58 port 57494 [preauth]
Aug 11 07:01:24 fred sshd[16714]: Connection closed by 221.125.235.4 port 55706 [preauth]
Aug 11 07:01:25 fred sshd[16717]: Connection closed by 207.46.132.127 port 1336 [preauth]
Aug 11 07:08:59 fred sshd[17151]: Failed password for root from 58.115.161.172 port 49290 ssh2
Aug 11 07:09:00 fred sshd[17151]: Received disconnect from 58.115.161.172 port 49290:11: Normal Shutdown, Thank you for playing [preauth]
Aug 11 07:09:00 fred sshd[17151]: Disconnected from 58.115.161.172 port 49290 [preauth]
Aug 11 07:09:10 fred sshd[17164]: Connection closed by 114.55.124.195 port 58662 [preauth]
Aug 11 07:14:01 fred systemd: Created slice User Slice of root.
Aug 11 07:14:01 fred systemd: Started Session 7459 of user root.
Aug 11 07:19:54 fred sshd[17937]: Connection closed by 51.158.20.62 port 60095 [preauth]
Aug 11 07:22:48 fred systemd: Removed slice User Slice of root.
Aug 11 07:27:32 fred sshd[18400]: Connection closed by 213.135.239.146 port 36105 [preauth]
Aug 11 07:30:31 fred sshd[18580]: Invalid user tomcat from 218.76.252.245 port 58878
Aug 11 07:30:31 fred sshd[18580]: input_userauth_request: invalid user tomcat [preauth]
Aug 11 07:30:33 fred sshd[18580]: Failed password for invalid user tomcat from 218.76.252.245 port 58878 ssh2
Aug 11 07:30:33 fred sshd[18580]: Received disconnect from 218.76.252.245 port 58878:11: Normal Shutdown, Thank you for playing [preauth]
Aug 11 07:30:33 fred sshd[18580]: Disconnected from 218.76.252.245 port 58878 [preauth]
Aug 11 07:34:15 fred sshd[18799]: Connection closed by 39.105.208.39 port 53518 [preauth]
Aug 11 07:35:50 fred sshd[18885]: Connection closed by 139.198.3.81 port 42260 [preauth]
Aug 11 07:37:18 fred dhclient[4583]: DHCPREQUEST on ens2 to 82.238.77.254 port 67 (xid=0x6f5e142d)
Aug 11 07:37:18 fred dhclient[4583]: DHCPACK from 82.238.77.254 (xid=0x6f5e142d)
Aug 11 07:37:20 fred dhclient[4583]: bound to 82.238.77.199 – renewal in 299461 seconds.
Aug 11 07:45:05 fred sshd[19590]: Connection closed by 165.22.110.16 port 58144 [preauth]
Aug 11 07:45:11 fred sshd[19598]: Did not receive identification string from 148.70.103.187 port 37084
Aug 11 07:58:57 fred sshd[20388]: Connection closed by 116.213.107.8 port 57596 [preauth]
Aug 11 08:01:01 fred systemd: Created slice User Slice of root.
Aug 11 08:01:01 fred systemd: Started Session 7460 of user root.
Aug 11 08:01:01 fred systemd: Removed slice User Slice of root.
Aug 11 08:06:56 fred sshd[20847]: Connection closed by 92.222.1.40 port 37702 [preauth]
Aug 11 08:06:56 fred sshd[20850]: Connection closed by 80.59.98.30 port 59681 [preauth]
Aug 11 08:07:03 fred sshd[20857]: Connection closed by 221.125.235.4 port 42808 [preauth]
Aug 11 08:07:03 fred sshd[20858]: Connection closed by 49.212.155.173 port 45550 [preauth]
Aug 11 08:07:03 fred sshd[20861]: Connection closed by 207.46.132.127 port 1336 [preauth]
Aug 11 08:07:05 fred sshd[20865]: Connection closed by 45.119.53.58 port 43160 [preauth]
Aug 11 08:10:12 fred sshd[21068]: Connection closed by 51.83.104.120 port 48172 [preauth]
Aug 11 08:14:01 fred systemd: Created slice User Slice of root.
Aug 11 08:14:01 fred systemd: Started Session 7461 of user root.
Aug 11 08:14:07 fred sshd[21445]: Connection closed by 112.65.170.186 port 40224 [preauth]
Aug 11 08:14:58 fred sshd[21489]: Connection closed by 39.108.131.148 port 54772 [preauth]
Aug 11 08:17:48 fred sshd[21661]: Connection closed by 178.32.215.89 port 55076 [preauth]
Aug 11 08:18:38 fred systemd: Removed slice User Slice of root.
Aug 11 08:25:50 fred sshd[22200]: Connection closed by 114.55.124.195 port 43824 [preauth]
Aug 11 08:32:09 fred sshd[22549]: Failed password for ftp from 115.254.63.52 port 55127 ssh2
Aug 11 08:32:09 fred sshd[22549]: Received disconnect from 115.254.63.52 port 55127:11: Normal Shutdown, Thank you for playing [preauth]
Aug 11 08:32:09 fred sshd[22549]: Disconnected from 115.254.63.52 port 55127 [preauth]
Aug 11 08:35:33 fred sshd[22748]: Connection closed by 41.223.142.211 port 60944 [preauth]
Aug 11 08:54:12 fred sshd[23817]: Connection closed by 39.105.208.39 port 38572 [preauth]
Aug 11 09:00:01 fred systemd: Created slice User Slice of root.
Aug 11 09:00:01 fred systemd: Started Session 7462 of user root.
Aug 11 09:01:01 fred systemd: Started Session 7463 of user root.
Aug 11 09:01:39 fred sshd[24280]: Connection closed by 104.248.121.67 port 38133 [preauth]
Aug 11 09:01:47 fred sshd[24289]: Connection closed by 178.33.185.70 port 33568 [preauth]
Aug 11 09:01:52 fred sshd[24291]: Invalid user ubuntu from 59.9.223.244 port 49857
Aug 11 09:01:52 fred sshd[24291]: input_userauth_request: invalid user ubuntu [preauth]
Aug 11 09:01:54 fred sshd[24291]: Failed password for invalid user ubuntu from 59.9.223.244 port 49857 ssh2
Aug 11 09:01:54 fred sshd[24291]: Received disconnect from 59.9.223.244 port 49857:11: Normal Shutdown, Thank you for playing [preauth]
Aug 11 09:01:54 fred sshd[24291]: Disconnected from 59.9.223.244 port 49857 [preauth]
Aug 11 09:04:18 fred freshclam[24448]: ClamAV update process started at Sun Aug 11 09:04:18 2019
Aug 11 09:04:18 fred freshclam[24448]: Your ClamAV installation is OUTDATED!
Aug 11 09:04:18 fred freshclam[24448]: Local version: 0.101.2 Recommended version: 0.101.3
Aug 11 09:04:18 fred freshclam[24448]: DON’T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
Aug 11 09:04:18 fred freshclam[24448]: main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
Aug 11 09:04:18 fred freshclam[24448]: daily.cld is up to date (version: 25537, sigs: 1708323, f-level: 63, builder: raynman)
Aug 11 09:04:18 fred freshclam[24448]: bytecode.cld is up to date (version: 330, sigs: 94, f-level: 63, builder: neo)
Aug 11 09:04:18 fred systemd: Removed slice User Slice of root.
Aug 11 09:12:36 fred sshd[24909]: Connection closed by 92.222.1.40 port 53284 [preauth]
Aug 11 09:12:42 fred sshd[24915]: Connection closed by 80.59.98.30 port 44121 [preauth]
Aug 11 09:12:47 fred sshd[24925]: Connection closed by 49.212.155.173 port 58898 [preauth]
Aug 11 09:12:48 fred sshd[24927]: Connection closed by 221.125.235.4 port 56712 [preauth]
Aug 11 09:12:48 fred sshd[24930]: Connection closed by 45.119.53.58 port 57076 [preauth]
Aug 11 09:12:50 fred sshd[24933]: Connection closed by 207.46.132.127 port 1336 [preauth]
Aug 11 09:13:40 fred sshd[25007]: Connection closed by 104.248.32.164 port 53196 [preauth]
Aug 11 09:14:01 fred systemd: Created slice User Slice of root.
Aug 11 09:14:01 fred systemd: Started Session 7464 of user root.
Aug 11 09:15:44 fred sshd[25247]: Invalid user cyrus from 212.78.210.44 port 43698
Aug 11 09:15:44 fred sshd[25247]: input_userauth_request: invalid user cyrus [preauth]
Aug 11 09:15:46 fred sshd[25247]: Failed password for invalid user cyrus from 212.78.210.44 port 43698 ssh2
Aug 11 09:15:46 fred sshd[25247]: Received disconnect from 212.78.210.44 port 43698:11: Normal Shutdown, Thank you for playing [preauth]
Aug 11 09:15:46 fred sshd[25247]: Disconnected from 212.78.210.44 port 43698 [preauth]
Aug 11 09:16:26 fred systemd: Removed slice User Slice of root.
Aug 11 09:17:22 fred sshd[25375]: Connection closed by 116.213.107.8 port 39553 [preauth]
Aug 11 09:25:11 fred sshd[25827]: Did not receive identification string from 198.211.114.208 port 41612
Aug 11 09:30:58 fred sshd[26150]: Connection closed by 112.65.170.186 port 46782 [preauth]
Aug 11 09:31:42 fred sshd[26187]: Connection closed by 118.24.38.12 port 37926 [preauth]
Aug 11 09:36:39 fred sshd[26472]: Address 74.202.20.26 maps to 74-202-20-26.static.ctl.one, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Aug 11 09:36:39 fred sshd[26472]: Invalid user dummy from 74.202.20.26 port 41780
Aug 11 09:36:39 fred sshd[26472]: input_userauth_request: invalid user dummy [preauth]
Aug 11 09:36:42 fred sshd[26472]: Failed password for invalid user dummy from 74.202.20.26 port 41780 ssh2
Aug 11 09:36:42 fred sshd[26472]: Received disconnect from 74.202.20.26 port 41780:11: Normal Shutdown, Thank you for playing [preauth]
Aug 11 09:36:42 fred sshd[26472]: Disconnected from 74.202.20.26 port 41780 [preauth]
Aug 11 09:37:37 fred sshd[26523]: Connection closed by 98.4.160.39 port 38538 [preauth]
Aug 11 09:42:11 fred sshd[26784]: Connection closed by 114.55.124.195 port 57194 [preauth]
Aug 11 10:01:01 fred systemd: Created slice User Slice of root.
Aug 11 10:01:01 fred systemd: Started Session 7465 of user root.
Aug 11 10:01:01 fred systemd: Removed slice User Slice of root.
Aug 11 10:06:12 fred sshd[28159]: Invalid user we from 81.133.189.239 port 33559
Aug 11 10:06:12 fred sshd[28159]: input_userauth_request: invalid user we [preauth]
Aug 11 10:06:15 fred sshd[28159]: Failed password for invalid user we from 81.133.189.239 port 33559 ssh2
Aug 11 10:06:15 fred sshd[28159]: Received disconnect from 81.133.189.239 port 33559:11: Bye Bye [preauth]
Aug 11 10:06:15 fred sshd[28159]: Disconnected from 81.133.189.239 port 33559 [preauth]
Aug 11 10:07:05 fred sshd[28214]: Connection closed by 186.31.65.66 port 22951 [preauth]
Aug 11 10:09:19 fred sshd[28365]: Invalid user oracle from 68.68.240.151 port 58995
Aug 11 10:09:19 fred sshd[28365]: input_userauth_request: invalid user oracle [preauth]
Aug 11 10:09:20 fred sshd[28365]: Failed password for invalid user oracle from 68.68.240.151 port 58995 ssh2
Aug 11 10:09:21 fred sshd[28365]: Received disconnect from 68.68.240.151 port 58995:11: Normal Shutdown, Thank you for playing [preauth]
Aug 11 10:09:21 fred sshd[28365]: Disconnected from 68.68.240.151 port 58995 [preauth]
Aug 11 10:11:34 fred sshd[28478]: Connection closed by 125.124.30.186 port 36572 [preauth]
Aug 11 10:12:34 fred sshd[28535]: Did not receive identification string from 39.105.208.39 port 51890
Aug 11 10:14:01 fred systemd: Created slice User Slice of root.
Aug 11 10:14:01 fred systemd: Started Session 7466 of user root.
Aug 11 10:17:43 fred systemd: Removed slice User Slice of root.
Aug 11 10:18:29 fred sshd[29127]: Connection closed by 92.222.1.40 port 40702 [preauth]
Aug 11 10:18:32 fred sshd[29131]: Connection closed by 80.59.98.30 port 56781 [preauth]
Aug 11 10:18:35 fred sshd[29135]: Connection closed by 221.125.235.4 port 37144 [preauth]
Aug 11 10:18:35 fred sshd[29137]: Connection closed by 49.212.155.173 port 44028 [preauth]
Aug 11 10:18:39 fred sshd[29142]: Connection closed by 207.46.132.127 port 1336 [preauth]
Aug 11 10:18:39 fred sshd[29145]: Connection closed by 45.119.53.58 port 42748 [preauth]
Aug 11 10:24:04 fred sshd[29434]: Invalid user cq from 77.138.145.133 port 55766
Aug 11 10:24:04 fred sshd[29434]: input_userauth_request: invalid user cq [preauth]
Aug 11 10:24:06 fred sshd[29434]: Failed password for invalid user cq from 77.138.145.133 port 55766 ssh2
Aug 11 10:24:06 fred sshd[29434]: Received disconnect from 77.138.145.133 port 55766:11: Bye Bye [preauth]
Aug 11 10:24:06 fred sshd[29434]: Disconnected from 77.138.145.133 port 55766 [preauth]
Aug 11 10:31:40 fred sshd[29865]: Address 189.254.33.157 maps to customer-189-254-33-157-sta.uninet-ide.com.mx, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Aug 11 10:31:40 fred sshd[29865]: Invalid user postgres from 189.254.33.157 port 54989
Aug 11 10:31:40 fred sshd[29865]: input_userauth_request: invalid user postgres [preauth]
Aug 11 10:31:42 fred sshd[29865]: Failed password for invalid user postgres from 189.254.33.157 port 54989 ssh2
Aug 11 10:31:42 fred sshd[29865]: Received disconnect from 189.254.33.157 port 54989:11: Normal Shutdown, Thank you for playing [preauth]
Aug 11 10:31:42 fred sshd[29865]: Disconnected from 189.254.33.157 port 54989 [preauth]
Aug 11 10:32:10 fred sshd[29893]: Connection closed by 154.73.61.7 port 44454 [preauth]
Aug 11 10:34:11 fred sshd[30025]: Connection closed by 142.93.69.223 port 42530 [preauth]
Aug 11 10:35:50 fred sshd[30110]: Connection closed by 116.213.107.8 port 49742 [preauth]
Aug 11 10:45:51 fred sshd[30682]: Connection closed by 112.65.170.186 port 53346 [preauth]
Aug 11 10:47:56 fred sshd[30815]: Connection closed by 123.142.192.18 port 58360 [preauth]
Aug 11 11:00:18 fred sshd[31515]: Connection closed by 114.55.124.195 port 42302 [preauth]
Aug 11 11:01:01 fred systemd: Created slice User Slice of root.
Aug 11 11:01:01 fred systemd: Started Session 7467 of user root.
Aug 11 11:01:01 fred systemd: Removed slice User Slice of root.
Aug 11 11:14:01 fred systemd: Created slice User Slice of root.
Aug 11 11:14:01 fred systemd: Started Session 7468 of user root.
Aug 11 11:22:06 fred systemd: Removed slice User Slice of root.
Aug 11 11:23:21 fred sshd[552]: Address 81.199.120.186 maps to host186.icomm.net.il, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Aug 11 11:23:23 fred sshd[552]: Failed password for root from 81.199.120.186 port 37698 ssh2
Aug 11 11:23:23 fred sshd[552]: Received disconnect from 81.199.120.186 port 37698:11: Normal Shutdown, Thank you for playing [preauth]
Aug 11 11:23:23 fred sshd[552]: Disconnected from 81.199.120.186 port 37698 [preauth]
Aug 11 11:24:05 fred sshd[595]: Connection closed by 92.222.1.40 port 56268 [preauth]
Aug 11 11:24:06 fred sshd[598]: Connection closed by 80.59.98.30 port 41461 [preauth]
Aug 11 11:24:14 fred sshd[608]: Connection closed by 49.212.155.173 port 57386 [preauth]
Aug 11 11:24:14 fred sshd[607]: Connection closed by 221.125.235.4 port 59500 [preauth]
Aug 11 11:24:15 fred sshd[611]: Connection closed by 45.119.53.58 port 56650 [preauth]
Aug 11 11:24:15 fred sshd[614]: Connection closed by 207.46.132.127 port 1336 [preauth]
Aug 11 11:25:24 fred sshd[672]: Connection closed by 39.105.208.39 port 36982 [preauth]
Aug 11 11:27:59 fred sshd[788]: Failed password for admin from 77.138.145.133 port 50446 ssh2
Aug 11 11:27:59 fred sshd[788]: Received disconnect from 77.138.145.133 port 50446:11: Bye Bye [preauth]
Aug 11 11:27:59 fred sshd[788]: Disconnected from 77.138.145.133 port 50446 [preauth]
Aug 11 11:33:20 fred sshd[1136]: Connection closed by 180.178.106.124 port 55892 [preauth]
Aug 11 11:33:56 fred sshd[1168]: Connection closed by 114.113.126.163 port 49481 [preauth]
Aug 11 11:35:07 fred sshd[1240]: Connection closed by 134.175.62.14 port 34388 [preauth]
Aug 11 11:47:10 fred sshd[1910]: Invalid user isis from 180.246.37.241 port 41286
Aug 11 11:47:10 fred sshd[1910]: input_userauth_request: invalid user isis [preauth]
Aug 11 11:47:13 fred sshd[1910]: Failed password for invalid user isis from 180.246.37.241 port 41286 ssh2
Aug 11 11:47:13 fred sshd[1910]: Received disconnect from 180.246.37.241 port 41286:11: Bye Bye [preauth]
Aug 11 11:47:13 fred sshd[1910]: Disconnected from 180.246.37.241 port 41286 [preauth]
Aug 11 11:52:45 fred sshd[2241]: Connection closed by 116.213.107.8 port 59871 [preauth]
Aug 11 12:00:01 fred systemd: Created slice User Slice of root.
Aug 11 12:00:01 fred systemd: Started Session 7469 of user root.
Aug 11 12:01:01 fred systemd: Started Session 7470 of user root.
Aug 11 12:02:13 fred sshd[2801]: Connection closed by 112.65.170.186 port 59908 [preauth]
Aug 11 12:03:18 fred sshd[2875]: Invalid user dell from 77.138.145.133 port 46204
Aug 11 12:03:18 fred sshd[2875]: input_userauth_request: invalid user dell [preauth]
Aug 11 12:03:21 fred sshd[2875]: Failed password for invalid user dell from 77.138.145.133 port 46204 ssh2
Aug 11 12:03:21 fred sshd[2875]: Received disconnect from 77.138.145.133 port 46204:11: Bye Bye [preauth]
Aug 11 12:03:21 fred sshd[2875]: Disconnected from 77.138.145.133 port 46204 [preauth]
Aug 11 12:04:18 fred freshclam[2938]: ClamAV update process started at Sun Aug 11 12:04:18 2019
Aug 11 12:04:18 fred freshclam[2938]: Your ClamAV installation is OUTDATED!
Aug 11 12:04:18 fred freshclam[2938]: Local version: 0.101.2 Recommended version: 0.101.3
Aug 11 12:04:18 fred freshclam[2938]: DON’T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
Aug 11 12:04:18 fred freshclam[2938]: main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
Aug 11 12:04:18 fred freshclam[2938]: Downloading daily-25538.cdiff [100%]
Aug 11 12:05:11 fred freshclam[2938]: daily.cld updated (version: 25538, sigs: 1709967, f-level: 63, builder: raynman)
Aug 11 12:05:11 fred freshclam[2938]: bytecode.cld is up to date (version: 330, sigs: 94, f-level: 63, builder: neo)
Aug 11 12:05:15 fred freshclam[2938]: Database updated (6276310 signatures) from database.clamav.net (IP: 104.16.219.84)
Aug 11 12:05:15 fred systemd: Removed slice User Slice of root.
Aug 11 12:05:15 fred sshd[2987]: Connection closed by 200.116.105.213 port 56078 [preauth]
Aug 11 12:08:12 fred sshd[3182]: Connection closed by 207.154.243.255 port 35056 [preauth]
Aug 11 12:13:21 fred sshd[3460]: Invalid user dummy from 59.124.85.195 port 43872
Aug 11 12:13:21 fred sshd[3460]: input_userauth_request: invalid user dummy [preauth]
Aug 11 12:13:22 fred sshd[3460]: Failed password for invalid user dummy from 59.124.85.195 port 43872 ssh2
Aug 11 12:13:23 fred sshd[3460]: Received disconnect from 59.124.85.195 port 43872:11: Normal Shutdown, Thank you for playing [preauth]
Aug 11 12:13:23 fred sshd[3460]: Disconnected from 59.124.85.195 port 43872 [preauth]
Aug 11 12:14:01 fred systemd: Created slice User Slice of root.
Aug 11 12:14:01 fred systemd: Started Session 7471 of user root.
Aug 11 12:15:45 fred sshd[3730]: Did not receive identification string from 114.55.124.195 port 55618
Aug 11 12:17:10 fred sshd[3801]: Connection closed by 153.254.115.57 port 16308 [preauth]
Aug 11 12:17:44 fred systemd: Removed slice User Slice of root.
A