fail2ban setup centos 7 not picking auth fail?

lists lists at lazygranch.com
Fri May 22 15:00:57 EEST 2020


I leave well enough alone, but rev 2 got a new parser to allow more user control.

The documentation may be old. However  the dovecot trigger does look for auth failed.

dovecot default imap-login: Aborted login (auth failed, 6 attempts): XYZ rip=6.6.6.0, lip=127.0.0.1

I run a personal email server and have the luxury of geographically limiting access to all mail ports other than 25. (I use 587). So I get few attempts at logins. Then again I can't access my email in 99% of the world in addition from hosting companies and cloud servers. 





  Original Message  


From: jerry at seibercom.net
Sent: May 22, 2020 3:38 AM
To: dovecot at dovecot.org
Reply-to: dovecot at dovecot.org
Subject: Re: fail2ban setup centos 7 not picking auth fail?


On Thu, 21 May 2020 23:22:04 -0700, lists stated:
>I use SSHGuard on well ssh (doh!), but supposedly you can use it for
>postfix and dovecot also. I can tell you it is well supported.  I am
>on Centos 7 using firewalld.

SSHGuard works fairly well with Postfix; however, it is virtually
useless with Dovecot. It never picks up on "auth fail" and a few
others. I have submitted documentation and requests to SSHGuard, but
they have never acted upon them, other than to say that they will look
into it.

--
Jerry


More information about the dovecot mailing list