On 2016-08-19 19:56, Nikolaos Milas wrote: [no porn seen]
I understand your suggestion to query the fail2ban db directly from postfix but I need to research more on how to implement that.
yes if that could be done, it save alot, but if not fail2ban could possible just call a wrapper that updates postfix sqlite maps based on what is in the logs seen, so far so good aswell here, i self have to rethink on how to make it best
Yet, I guess we could get better results by fail2ban itself? Could you suggest how to expand/improve filtering rules and policy so as to get better results from fail2ban itself?
not much, i have not used fail2ban very much to be of much help with it, its not long time since i posted a fail2ban config for blocking based on spamhaus rbls with diffrent ban time pr result, this is the best so far i have made yet
Any directions on how to better leverage fail2ban with any or both ways will be appreciated!
do more static firewalling, eg one week if dul ips or pbl listed, such ips does not change daily, but being abused hourly :(
All the best, Nick
yes back to my gentoo ebuild work :-)
