I have a question regarding fail2ban on a 10.04 mailserver install. Instructions say to apt-get install fail2ban but then don't get into any configuration for it. Starting to get login attempts from Taiwan I'm guessing: in jail.local enable the Courier, Postfix and SASL modules?
This page contains the extra config settings for the services you described. http://www.howtoforge.com/perfect-server-debian-squeeze-with-bind-and-courier-ispconfig-3-p5 it's for debian, but the config files for fail2ban are the same.
I installed the SASL in jail.local but there must be a difference in the courier*.confs with Ubuntu. Fail2ban won't even start, so I hashed them out while I look into it. thx Code: ERROR iptables -N fail2ban-sasl iptables -A fail2ban-sasl -j RETURN fail2ban-sasl returned 400 well. disable that one too....
