* Jaroslaw Rafa via Postfix-users: > Despite what you say about your unsuccessful attempts with fail2ban, > it seems the best tool for the job. It's the whole idea of fail2ban > anyway - if "SOMETHING" appears in the logfile "SOME" number of times > (which can be 1), then stuff the IP address into iptables for > blocking.
The concept is good. Whether the implementation of fail2ban "the best tool for the job", as you put it, is very much up to debate and depends on individual use cases. My personal take is that fail2ban has become too bloated over its 18 year history, and that it is trying to do too much. I prefer something smaller, less complex, so I wrote my own utility. Can my 137 line Go program do all that fail2ban can? Of course not. However, my little tool fits my personal requirements much better, and I can understand every detail of it. "The best tool" is simply not a universal concept. -Ralph _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
