fail2ban setup centos 7 not picking auth fail?
lists
lists at lazygranch.com
Fri May 22 15:00:57 EEST 2020
I leave well enough alone, but rev 2 got a new parser to allow more user control.
The documentation may be old. However the dovecot trigger does look for auth failed.
dovecot default imap-login: Aborted login (auth failed, 6 attempts): XYZ rip=6.6.6.0, lip=127.0.0.1
I run a personal email server and have the luxury of geographically limiting access to all mail ports other than 25. (I use 587). So I get few attempts at logins. Then again I can't access my email in 99% of the world in addition from hosting companies and cloud servers.
Original Message
From: jerry at seibercom.net
Sent: May 22, 2020 3:38 AM
To: dovecot at dovecot.org
Reply-to: dovecot at dovecot.org
Subject: Re: fail2ban setup centos 7 not picking auth fail?
On Thu, 21 May 2020 23:22:04 -0700, lists stated:
>I use SSHGuard on well ssh (doh!), but supposedly you can use it for
>postfix and dovecot also. I can tell you it is well supported. I am
>on Centos 7 using firewalld.
SSHGuard works fairly well with Postfix; however, it is virtually
useless with Dovecot. It never picks up on "auth fail" and a few
others. I have submitted documentation and requests to SSHGuard, but
they have never acted upon them, other than to say that they will look
into it.
--
Jerry
More information about the dovecot
mailing list