Hi, > BTW, I can't crack it for the moment. >>> OK so this isn't going to be quite so neat. You need to add a line: >>> >>> ^RCPT from [^[]*\[<HOST>\]%(_port)s:? 550 5\.5\.1 Protocol error; >>> >>> to the mdre-normal section. Generally the recommended way is to create a >>> postfix.local file, but this would need to contain: >>> >> >> This got mangled by gmail, but I was able to copy the postfix.conf to >> postfix.local and make it somewhat resemble what you pasted, and it appears >> to work. >> > > Actually, it works with fail2ban-regex but isn't catching them from the > live logs. >
Fixed it. It turned out that even though syslog_mail in paths-fedora.conf was pointing to the proper maillog, it apparently wasn't being considered by the postfix.conf filter. I had to add logpath to my jail.conf: [postfix] filter = postfix maxretry = 1 bantime = 48h enabled = true mode = normal logpath = %(syslog_mail)s
_______________________________________________ Fail2ban-users mailing list Fail2ban-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/fail2ban-users
