[arch-general] Automated check log and block postfix
siefke_listen at web.de
siefke_listen at web.de
Wed Jan 1 09:27:02 UTC 2020
Hello,
happy new year first :)
I have questions about postfix and the logfile.
I have often player which try using submission which come in log like:
Jan 1 11:39:19 ru-mail postfix/submission/smtpd[7463]: connect from unknown[45.143.222.192]
Jan 1 11:39:19 ru-mail postfix/submission/smtpd[7463]: disconnect from unknown[45.143.222.192] ehlo=1 auth=0/1 rset=0/1 quit=1 commands=2/4
>From this ip for example
cat /var/log/mail.log | grep 45.143.222.192 | wc -l
1471
I have fail2ban installed but there is nothing happen with. Okay is connect
and disconnect. No error message. I not understand why is so but is ok.
Is there a way to cat this mess and write it automated to iptables? Is
there other way to catch it with a tool? Would be great have someone
an idea here.
Thank you
Silvio
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.archlinux.org/pipermail/arch-general/attachments/20200101/ba8828de/attachment.sig>
More information about the arch-general
mailing list