thanks for all the help, I went back to the old server's config, and, it
worked as is, so that will do for now:
# fail2ban-client status dovecot-iredmail
Status for the jail: dovecot-iredmail
|- Filter
| |- Currently failed: 0
| |- Total failed: 5
| `- File list:/var/log/dovecot.log
On Mon, December 18, 2017 12:50 pm, Gao wrote:
> Have you tried just using the the filter dovecot.conf come with the
> fail2ban?
>
> # cat /etc/fail2ban/filter.d/dovecot.conf
Gao, thanks
so do I just put enable in /etc/fail2ban/jail.local ?
# cat jail.local
[dovecot]
enabled= true
filter
On Mon, December 18, 2017 9:40 am, Bill Shirley wrote:
> Copy dovecot-pop3imap.conf to dovecot-pop3imap.local. Edit
> dovecot-pop3imap.local and add to the failregex: dovecot:.+auth
> failed.+rip=
>
> Then run:
> fail2ban-regex /var/log/dovecot.log
> /etc/fail2ban/filter.d/dovecot-pop3imap.local
>
Am 17.12.2017 um 20:08 schrieb voy...@sbt.net.au:
I've made test failed dovecot and postfix from phone/cell connection, I
think? postfix one worked, but, nothing registered on dovecot
do you know where f2b places bad IPs ? I saw them listed on 'status;, but,
couldn't find them in /etc/hosts.deny,
Have you tried just using the the filter dovecot.conf come with the
fail2ban?
# cat /etc/fail2ban/filter.d/dovecot.conf
..
failregex =
^%(__prefix_line)s(?:%(__pam_auth)s(?:\(dovecot:auth\))?:)?\s+authentication
failure; logname=\S* uid=\S* euid=\S* tty=dovecot ruser=\S*
rhost=(?:\s+user
Copy dovecot-pop3imap.conf to dovecot-pop3imap.local. Edit
dovecot-pop3imap.local and add to the failregex:
dovecot:.+auth failed.+rip=
Then run:
fail2ban-regex /var/log/dovecot.log
/etc/fail2ban/filter.d/dovecot-pop3imap.local
and see if you get any matches.
Bill
On 12/16/2017 6:56 PM, voy..
On Mon, December 18, 2017 3:06 am, Alex JOST wrote:
> Did you enable the dovecot service in fail2ban? By default all jails are
> disabled.
>
> /etc/fail2ban/jail.conf:
> [dovecot]
> enabled = true
Alex, thanks
no, not in jail.conf, I've put it in the
(1)
/etc/fail2ban/jail.local
I've also adde
Am 17.12.2017 um 00:56 schrieb voy...@sbt.net.au:
I'm trying to setup and test fail2ban with dovecot
I've installed fail2ban, I've copied config from
https://wiki2.dovecot.org/HowTo/Fail2Ban, and, trying to test it,
attempted multiple mail access with wrong password, but, get this:
# fail2ban-
