Fail2ban config.

Discussion in 'Installation/Configuration' started by ozgurerdogan, Apr 11, 2020.

  1. ozgurerdogan

    ozgurerdogan Member

    I need to block failed authantication for postfix. How do I do that with fail2ban? I find many differect thread on forum (again) but do not want to mess up server.
     
  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Enable the jails you want. You can see what jails and filters are available from file /etc/fail2ban/jail.conf. For example [postfix-sasl]. Then enable it by adding to /etc/fail2ban/jail.local
    Code:
    [postfix-sasl]
    enabled = true
    
    Further info in Fail2ban documentation.
    PS I just noticed the above information I wrote may be completely bogus for you, since I do not know what Operating System you are running. So if it is not Debian, what I wrote may not apply.
     
  3. ozgurerdogan

    ozgurerdogan Member

    It was already there but after I added following I was able to make it work:

    Code:
    [dovecot]
    enabled = true
    filter = dovecot
    logpath = /var/log/mail.log
    maxretry = 10
    bantime = 7200
    One question, dovecot is for pop and imap, so what is postfix-sasl is for there?
     
  4. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    You wrote in #1:
    Reading the /etc/fail2ban/filter.d/postfix-sasl.conf shows at the first lines
    Code:
    # Fail2Ban filter for postfix authentication failures
    #
    
     

Share This Page