random usernames in attempts to break in to my machine?

To: debian-user@lists.debian.org
Subject: random usernames in attempts to break in to my machine?
From: Joe Pfeiffer <pfeiffer@cs.nmsu.edu>
Date: Mon, 04 Apr 2022 07:40:47 -0600
Message-id: <[🔎] 1bsfqtynj4.fsf@pfeifferfamily.net>

This isn't really debian-specific, but I don't know a better place to
ask...  recently, I've been having servers make a large number of
attempts to access my mail host using what appear to be random strings
as usernames -- it looks like this:

Apr  4 03:04:30 snowball saslauthd[1179]: pam_unix(:auth): check pass; user unknown
Apr  4 03:04:30 snowball saslauthd[1179]: pam_unix(:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=
Apr  4 03:04:33 snowball saslauthd[1179]:                 : auth failure: [user=1b391vovbh.fsf@pfeifferfamily.net] [service=] [realm=] [mech=pam] [reason=PAM auth error]

They all have the same form: <something random>.fsf@pfeifferfamily.net

I'm trying to understand the point; it's not like there's any chance any
of those usernames will be valid.  This isn't they usual attempts using
usernames like root, admin, test1, scan...  those I understand.

So, anybody have any ideas what's up here?

Reply to:

Follow-Ups:
- Re: random usernames in attempts to break in to my machine?
  - From: <tomas@tuxteam.de>
- Re: random usernames in attempts to break in to my machine?
  - From: Teemu Likonen <tlikonen@iki.fi>
- Re: random usernames in attempts to break in to my machine?
  - From: 황병희 <soyeomul@doraji.xyz>
- Re: random usernames in attempts to break in to my machine?
  - From: Nicholas Geovanis <nickgeovanis@gmail.com>
- Re: random usernames in attempts to break in to my machine?
  - From: Joe <joe@jretrading.com>

Prev by Date: Re: Can't create a password successfully.
Next by Date: Re: toshiba video problem
Previous by thread: Re: Debian 11.3 kernel panics on Epyc 7281 CPU
Next by thread: Re: random usernames in attempts to break in to my machine?
Index(es):
- Date
- Thread