1

Topic: fail2ban

I have a domain with domain 50 active accounts. The client IP is always blocked by fail2ban.

Have been changed all the passwords for the accounts, but is still blocking the chain fail2ban-postfix.

In which log file connection attempts are recorded in order to identify which account is experiencing the problem? Does not appear in the log of postfix mail.log.

Or how you can identify because there is blockage of the IP?

Tks

Marcelo M.

2

Re: fail2ban

Fail2ban will ban clients which has more than 5 password failures.
You mentioned it's blocked in iptables chain "fail2ban-postfix", that means there're more than 5 password failures in SMTP authentication.

You might want to tune some settings in /etc/fail2ban/fail2ban.local, maybe append client IP addresses in "ignoreip =" setting?