LuKreme wrote > On 05 Mar 2019, at 10:00, Dominic Raferd < > dominic@.co
> > wrote: >> Fail2ban is (as you know) a way to tackle it. > At 1000 connections a day I don’t think fail2ban or sshguard or whatever > is going to save you anything at all. Oh, I was getting a lot more than 1000 per day - just one IP address was doing 1,000 requests every 8 hours. As a test only, I setup fail2ban at 3PM so that any IP that is on a DNSBL and attempts to connect twice in a 15 min period gets a 12 hour timeout. By 5PM, only 9 IP addresses made it on the ban list. Having those 9 IP addresses banned, I've only had 6 connections total from spambots in the last 2 hours. It's an unbelievable difference. I had to send myself test mail just to be sure the mail server was still working. So it's only a handful of IP's causing all the "issues". -- Sent from: http://postfix.1071664.n5.nabble.com/Postfix-Users-f2.html
