Hi,
this problem was present on my up to date system after following the ispconfig3 guide for ubuntu 9.10 and google says some debian users had a similar problem too.(bug 573314)
If you want to block smtp brute force attempts you have to enable the sasl filter in jail.conf and change failregex in /etc/fail2ban/filter.d/sasl.conf to
Code:
failregex = (?i): warning: [-._\w]+\[<HOST>\]: SASL (?:LOGIN|PLAIN|(?:CRAM|DIGEST)-MD5) authentication failed
To test it:
Code:
fail2ban-regex /var/log/mail.log /etc/fail2ban/filter.d/sasl.conf
This is a "works for me solution"
Thanks for the great guide, Ispconfig makes things so easy....
English | 
Deutsch
Suggestion: check fail2ban sasl.conf for postfix smtpd
Linear Mode
Recent comments
16 hours 21 min ago
19 hours 16 min ago
20 hours 30 min ago
21 hours 54 min ago
23 hours 31 min ago
1 day 1 hour ago
1 day 2 hours ago
1 day 18 hours ago
1 day 19 hours ago
1 day 22 hours ago