[Dovecot] login processes from attacks staying for hours
Kai Schaetzl
maillists at conactive.com
Thu Jul 24 00:31:16 EEST 2008
Bill Landry wrote on Wed, 23 Jul 2008 13:18:44 -0700:
> Kai, you can test your regex using "fail2ban-regex".
Thanks for the answer. Yeah, I found that in the meantime. Great little
helper. For some reason I cannot get any rule that ends in $ to work, so
I've now come up with
failregex = dovecot-auth: pam_unix\(dovecot:auth\): authentication failure;
* rhost=<HOST>
for dovecot on CentOS 5.
Kai
--
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com
More information about the dovecot
mailing list