You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2021-03-06 04:15:10
- hopyres
- Member
- Registered: 2021-03-02
- Posts: 13
Fail2ban not work
/etc/fails2ban/jail.d/postfix.conf
enabled = true
mode = aggressive
filter = postfix-my
banaction = iptables
backend = systemd
maxretry = 2
findtime = 1d
bantime = 2w
ignoreip = 127.0.0.1/8I'm verifyed regexp string with fail2ban-regex and this worked.
fail2ban-regex /etc/fail2ban/test/test.log "\[<HOST>\]: SASL ((?i)LOGIN|PLAIN|(?:CRAM|DIGEST)-MD5) authentication failed:(?! Connection lost to authentication server| Invalid authentication mechanism)"
Failregex: 1 total
|- #) [# of hits] regular expression
| 1) [1] \[<HOST>\]: SASL ((?i)LOGIN|PLAIN|(?:CRAM|DIGEST)-MD5) authentication failed:(?! Connection lost to authentication server| Invalid authentication mechanism)
`-Insert this work regex into postfix-my.conf
mdre-auth = \[<HOST>\]: SASL ((?i)LOGIN|PLAIN|(?:CRAM|DIGEST)-MD5) authentication failed:(?! Connection lost to authentication server| Invalid authentication mechanism)On start "fail2ban-regex /etc/fail2ban/test/test.log /etc/fail2ban/filter.d/postfix-my.conf"
Failregex: 0 totalPlease help! 
Offline
#2 2021-03-06 08:24:21
- hopyres
- Member
- Registered: 2021-03-02
- Posts: 13
Re: Fail2ban not work
This is work if inserted
failregex: \[<HOST>\]: SASL ((?i)LOGIN|PLAIN|(?:CRAM|DIGEST)-MD5) authentication failed:(?! Connection lost to authentication server| Invalid authentication mechanism)to /etc/fails2ban/jail.d/postfix.conf file.
Why not worked with /etc/fail2ban/filter.d/postfix-my.conf file ?
Offline
Pages: 1