On Mon, December 18, 2017 12:50 pm, Gao wrote:
Have you tried just using the the filter dovecot.conf come with the fail2ban?
# cat /etc/fail2ban/filter.d/dovecot.conf
Gao, thanks
so do I just put enable in /etc/fail2ban/jail.local ?
# cat jail.local [dovecot] enabled = true filter = dovecot
]# fail2ban-client status dovecot
Status for the jail: dovecot
|- Filter
| |- Currently failed: 0
| |- Total failed: 0
| - Journal matches: _SYSTEMD_UNIT=dovecot.service - Actions
|- Currently banned: 0
|- Total banned: 0
`- Banned IP list:
(sorry, I'm structure what I had on old server, it seems to work with smtp auth, so I thought that's correct way to do)
# fail2ban-client status Status |- Number of jail: 2 `- Jail list: dovecot, postfx-sasl
fail2ban-client status postfx-sasl
Status for the jail: postfx-sasl
|- Filter
| |- Currently failed: 0
| |- Total failed: 0
| - File list: /var/log/maillog - Actions
|- Currently banned: 2
|- Total banned: 2
`- Banned IP list: 120.150.227.127 125.126.168.42