Fail2ban and login_trusted_networks
Javi Legido
javi at legido.com
Mon Dec 21 12:16:15 EET 2020
Hi there.
First of all many thanks to all the people involved in this project for
their time, I really appreciate it.
Second my use case:
a) Container running Webmail (roundcube) with dovecot-ident plugin enabled <https://github.com/roundcube/roundcubemail/issues/5336#issuecomment-228131074>.
b) Container running Dovecot 2.3.4.1 (docker-mailserver-mysql <https://github.com/Kedu-SCCL/docker-mailserver-mysql>) with fail2ban enabled
Since I need to add the private IP address of the webmail to
"login_trusted_networks" to "...allow to override their IP addresses and
ports", I can keep logging in to webmail even if the IP is blocked.
Question: is there any way to:
a) Allow a certain IP range to override its IP address and ports (as in
"login_trusted_networks") but
b) Be blocked, as any other incoming connections, by fail2ban?
More context. Once the public IP is banned (8.8.8.8 in this example):
```
2020-12-21 10:10:31,371 fail2ban.filter [309]: INFO [dovecot] Found 8.8.8.8 - 2020-12-21 10:10:31
2020-12-21 10:10:39,189 fail2ban.filter [309]: INFO [dovecot] Found 8.8.8.8 - 2020-12-21 10:10:39
2020-12-21 10:10:51,222 fail2ban.filter [309]: INFO [dovecot] Found 8.8.8.8 - 2020-12-21 10:10:51
2020-12-21 10:10:52,008 fail2ban.actions [309]: NOTICE [dovecot] Ban 8.8.8.8
```
I can't reach dovecot by telnet from this public IP:
```
telnet mail.example.com 143
Trying 9.9.9...
telnet: Unable to connect to remote host: Connection refused
```
Unless I remove the ban:
```
docker exec mail fail2ban-client set dovecot unbanip 8.8.8.8
```
Many thanks.
Javier