On 22-05-2020 15:45, Voytek Eymont wrote:
On Fri, May 22, 2020 2:05 pm, Adi Pircalabu wrote:
On 22-05-2020 10:38, Voytek Eymont wrote:
Hardly a Dovecot issue. Can you please post the output of this command? /usr/bin/fail2ban-regex /var/log/dovecot.log /etc/fail2ban/filter.d/dovecot.conf
Adi,
thanks, what I get is:
[...]
Results
Failregex: 5149 total
[...]
Lines: 338975 lines, 0 ignored, 5149 matched, 333826 missed [processed in 87.44 sec]
Right, so it's not a regex problem then, you're getting some matches there, although you might want to revisit it it the result is not consistent with your own searches. It might be that Dovecot isn't logging to systemd' journal, or the regex doesn't match the journal entries. Try to comment out "journalmatch = _SYSTEMD_UNIT=dovecot.service" entry in your filter file, restart f2b and see if there's any change. P.S. Let's try and keep the replies to the list :)
-- Adi Pircalabu