Oops - forgot to CC the list again. Hi Marius,
If I remember correctly I was using a development version for a while - it may have been when macOS moved to unified logging. In /usr/local/sshguard.conf I use: LOGREADER="/usr/bin/log stream --style syslog --info --type log --predicate 'processImagePath == \"/usr/sbin/sshd\" or processImagePath contains \"dovecot\" or processImagePath contains \"postfix/smtpd\”'" I know I can log to a file with postfix and dovecot but I like to have postfix, opendkim, opendmarc, pypolicyd-spf and amavis logs in a single file so use unified logging. I capture the log info every 10 minutes and write it to a mail.log file. I also keep a sshguard blacklist and use a Murus table as the backend. Murus is also the backend for fail2ban which I use to monitor http access. The MacPorts version doesn’t offer the same flexibility. Steve > On 5 Mar 2022, at 01:40, Marius Schamschula <li...@schamschula.com > <mailto:li...@schamschula.com>> wrote: > > Steve, > > I curious, why you are building sshguard from source, rather than using the > MacPorts port. > > Marius > -- > Marius Schamschula >
