View Single Post
  #2  
Old 15th February 2013, 07:39
florian030 florian030 is offline
Senior Member
 
Join Date: Oct 2012
Posts: 230
Thanks: 8
Thanked 64 Times in 55 Posts
Default

You can change the corresponding failregx so it matches successful and failed logins.

Change
Code:
failregex = LOGIN FAILED, .*, ip=\[<HOST>\]$
to

Code:
failregex = LOGIN , .*, ip=\[<HOST>\]$
In the next step change maxretry and maybe the action for the jail.

After reloading the jail, fail2ban triggers on both login-types.

If you have problems with outbound spam,you should check your system instead of using f2b as a workaround.
__________________
regards
Florian

blog.schaal-24.de
Reply With Quote