Hello! I created a Perfect Wheezy Server with this tutorial: https://www.howtoforge.com/perfect-server-debian-wheezy-apache2-bind-dovecot-ispconfig-3 I have several users, which are connecting to the mailserver from the same office/IP. The connection to the mailserver (IMAP, SMTP) isn't stable. I configured the mail_max_userip_connections for dovecot already. Fail2Ban is blocking the IP, because of too many connections. How could I reconfigure Fail2Ban to get rid of this problem. Code: 2015-02-09 17:14:59,975 fail2ban.actions: WARNING [dovecot-pop3imap] Unban IPADDRESS 2015-02-09 17:15:20,002 fail2ban.actions: WARNING [dovecot-pop3imap] Ban IPADRRESS 2015-02-09 17:25:20,591 fail2ban.actions: WARNING [dovecot-pop3imap] Unban IPADDRESS (IPADDRESS = address of the office - maximum of 50 connections) I understand this security mechanism, but the server is prepaired for these 50 connections from this office. I already had a look to the jail.conf from Fail2Ban, but everything is disabled exept of "SSH". How could I reconfigure Fail2Ban? I would really appreciate your help. Best! To the admins: How could I rename the title of this thread?
Fail2ban is not blocking based on the connection count. It bans only based on the number of false password tries. so anyone from your office connects with a wrong password.