HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (
-   Server Operation (
-   -   Configuring fail2ban (

Classy_Manatee 14th February 2013 21:05

Configuring fail2ban
I am looking into putting fail2ban on a mail server to help reduce the number of outbound spam attacks. Is there a way to set it up to notify me when a user exceeds a maximum number of authentications (successful or failed) in a given time frame? So far I can only find how to set it for failed attempts.

florian030 15th February 2013 08:39

You can change the corresponding failregx so it matches successful and failed logins.


failregex = LOGIN FAILED, .*, ip=\[<HOST>\]$


failregex = LOGIN , .*, ip=\[<HOST>\]$
In the next step change maxretry and maybe the action for the jail.

After reloading the jail, fail2ban triggers on both login-types.

If you have problems with outbound spam,you should check your system instead of using f2b as a workaround.

All times are GMT +2. The time now is 07:53.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.