Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > General

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1  
Old 31st July 2009, 17:32
gscott187 gscott187 is offline
Junior Member
 
Join Date: Jul 2009
Posts: 17
Thanks: 1
Thanked 5 Times in 4 Posts
Default SquirrelMail/imap/pop3 fail2ban IP address

I'm running ISPConfig3 on Centos 5.3 as per the installation instructions at this site. When configuring fail2ban for trapping SquirrelMail failed logins, I notice the following in /var/log/maillog:

Jul 31 15:23:55 server_name imapd: LOGIN FAILED, user=45354, ip=[::ffff:127.0.0.1]
Jul 31 15:24:04 server_name imapd: LOGIN FAILED, user=34566, ip=[::ffff:127.0.0.1]
Jul 31 15:24:14 server_name imapd: LOGIN FAILED, user=56757, ip=[::ffff:127.0.0.1]
Jul 31 15:24:26 server_name imapd: LOGIN FAILED, user=4566, ip=[::ffff:127.0.0.1]

Each failed login generates an entry but with IP address 127.0.0.1 (localhost) and hence fail2ban cannot really action the iptables ban because there's no public IP address in the maillog file.

Does anyone have any ideas how a real IP address might be captured to enable fail2ban to do it's stuff? fail2ban works well on the system for ssh and ftp but they use a different logfile.
Reply With Quote
Sponsored Links
 

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
421 Unexpected failure Lizard King Installation/Configuration 20 7th July 2009 20:43
Postfix not responding to telnet CarbonCopy Server Operation 6 8th May 2009 05:39
sending e-mail using mail() function linuxuser1 HOWTO-Related Questions 38 21st April 2009 12:20
IP Address' newmember Installation/Configuration 1 24th December 2008 10:40
Mail System Error - Returned Mail tristanlee85 General 16 16th March 2008 09:40


All times are GMT +2. The time now is 18:49.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.