[arch-general] Automated check log and block postfix

lists at 2ion.de lists at 2ion.de
Wed Jan 1 11:24:01 UTC 2020

On Wed, Jan 01, 2020 at 10:27:02AM +0100, siefke_listen at web.de wrote:
> I have fail2ban installed but there is nothing happen with. Okay is
> connect and disconnect. No error message. I not understand why is so
> but is ok. 

You need to configure fail2ban. It's more like a framework with lots of
builtin but little preconfigured/preenabled stuff.

  * You need to habe the postfix jail or multiple postfix jails enabled:
      enabled = true

      enabled = true


  * You need to ensure that fail2ban actually has logs to work with. For
    example, if postfix does not write log files but all log output ends
    up in journald, then you might need to configure fail2ban with the
    systemd backend to get it to actually consume the logs.

    backend = systemd # or auto


  * You need to make sure that the regexes actually match messages.

That being said, unless you want to do more elaborate evaluation of
attempts the iptables-based recent module as already suggested in this
thread is the simpler, better solution.

More information about the arch-general mailing list