Re: bad sasl auth log how to
- This is the postfix list. For questions about configuring fail2ban,
please ask on a fail2ban support list.
On 9/26/2012 7:06 AM, Feel Zhou wrote:
> Hello,my friend
> I have setup fail2ban
> enabled = true
> filter = sasl
> backend = polling
> action = iptables[name=sasl, port=smtp, protocol=tcp]
> sendmail-whois[name=sasl, dest=tom@...
> logpath = /var/log/mail.log
> maxretry = 3
> when I use command
> fail2ban-client status
> |- Number of jail: 4
> `- Jail list: postfix-tcpwrapper, ssh-ipfw, ssh-iptables,
> there is no sasl, Does it working?
> Thanks for your time
> 2012/9/26 Scott Lambert <lambert@...
> On Tue, Sep 25, 2012 at 11:57:02PM +0800, Feel Zhou wrote:
> > Hi,My friend
> > Thank you for Benny Pedersen and Noel Jones answer
> > I will try to install fail2ban to stop them next time
> > By the way The IP 18.104.22.168 is too bad
> > I just put it into hosts.deny
> > Thanks a lot
> > TOM
> My fail2ban setup on my mail server is banning close to 2000 hosts
> per day the past week. I think there is a renewed attempt to use
> the bot-nets to bruteforce a lot of e-mail accounts.
> Scott Lambert KC5MLE
> Unix SysAdmin
> lambert@... <mailto:lambert@...>