Fail2Ban blockiert Dovecot IMAP

Discussion in 'HOWTO-Related Questions' started by fatmaddin2000, Feb 9, 2015.

  1. fatmaddin2000

    fatmaddin2000 New Member

    Hello!
    I created a Perfect Wheezy Server with this tutorial:
    https://www.howtoforge.com/perfect-server-debian-wheezy-apache2-bind-dovecot-ispconfig-3

    I have several users, which are connecting to the mailserver from the same office/IP. The connection to the mailserver (IMAP, SMTP) isn't stable. I configured the mail_max_userip_connections for dovecot already.

    Fail2Ban is blocking the IP, because of too many connections. How could I reconfigure Fail2Ban to get rid of this problem.
    Code:
    2015-02-09 17:14:59,975 fail2ban.actions: WARNING [dovecot-pop3imap] Unban IPADDRESS
    2015-02-09 17:15:20,002 fail2ban.actions: WARNING [dovecot-pop3imap] Ban IPADRRESS
    2015-02-09 17:25:20,591 fail2ban.actions: WARNING [dovecot-pop3imap] Unban IPADDRESS
    (IPADDRESS = address of the office - maximum of 50 connections)


    I understand this security mechanism, but the server is prepaired for these 50 connections from this office. I already had a look to the jail.conf from Fail2Ban, but everything is disabled exept of "SSH". How could I reconfigure Fail2Ban?

    I would really appreciate your help.

    Best!

    To the admins: How could I rename the title of this thread?
     
    Last edited: Feb 9, 2015
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Fail2ban is not blocking based on the connection count. It bans only based on the number of false password tries. so anyone from your office connects with a wrong password.
     
  3. fatmaddin2000

    fatmaddin2000 New Member

    Thanks! That was exactly the problem.
     

Share This Page