Running debian lenny ispconfig 184.108.40.206 on a VM Trying to work out why the server each day comes under an increased load at a certain time and becomes unresponsive, I've had a look into the logs. One common thing is it keeps getting attempts to connect via ftp, literally 100s of times. The attempts are always failed, but I think leads to the higher load. To try and slow this a little, I've attempted to add ftp to fail2ban and all appeared to work. I used this thread as a guide. http://www.howtoforge.com/forums/showthread.php?t=40177 The other major attempts that keep failing are pop3 connections. To help fight these off, do I simple change the following records to true? Code: [postfix] enabled = false port = smtp,ssmtp filter = postfix logpath = /var/log/mail.log [couriersmtp] enabled = false port = smtp,ssmtp filter = couriersmtp logpath = /var/log/mail.log # # Mail servers authenticators: might be used for smtp,ftp,imap servers, so # all relevant ports get banned # [courierauth] enabled = false port = smtp,ssmtp,imap2,imap3,imaps,pop3,pop3s filter = courierlogin logpath = /var/log/mail.log [sasl] enabled = false port = smtp,ssmtp,imap2,imap3,imaps,pop3,pop3s filter = sasl logpath = /var/log/mail.log Or is there a better way to deal with these attempts?