>>>>> "Karel" == Karel <postfix-us...@vcomp.ch> writes:
Karel> I am running small Postfix server for personal use. My logs are flooded Karel> with: Karel> relay access denied Karel> hello rejects Karel> connection rate limit exceeded ... Karel> lost connection after AUTH from ... Karel> Often there are hundreds of these logs from the same IP Karel> address. I know, that I can use fail2ban to block these IP Karel> addresses using iptables. Karel> But I very much dislike the way fail2ban works: Karel> Postfix logs errors -> rsyslog writes them to text file -> Karel> fail2ban parses those text files and creates iptables rules. This is the unix philosophy, stringing together small groups of commands to do the work, instead of having one big tool do everything. Karel> Seems to me, the only step missing to make it even more ugly Karel> would be to print the logs on paper, and then use OCR to scan Karel> them back. Now you're being overdramatic. The nice thing about the above process is that SSH can log to syslog, and fail2ban and parse those out as well. Would it be better if openssh and postfix both called fail2ban directly to add entries? What about sendmail? What about if I prefer to use denyhosts instead? Why should postfix need to know about this? Karel> Does this process have to be so complicated ? Is there no Karel> easier way to block offending IP addresses using iptables ? It's all automated for you, what do you care? And this isn't really a postfix question. John
