Bug#881449: fail2ban: postfix-sasl jail crashes on trying to ban ip address

Sat, 11 Nov 2017 14:31:11 -0800 

Package: fail2ban
Version: 0.9.6-2
Severity: important

Fail2ban postfix-sasl jail crashes when trying to ban an IP address: 

Failed to execute ban jail 'postfix-sasl' action 'iptables-multiport' info 
'CallingMap({'time': 1510389716.3446894, 'ip failures': <function 
Actions.__checkBan.<locals>.<lambda> at 0x7fb8d058a950>, 'ipjailmatches': 
<function Actions.__checkBan.<locals>.<lambda> at 0x7fb8d058a488>, 
'ipjailfailures': <function Actions.__checkBan.<locals>.<lambda> at 
0x7fb8d058a510>, 'matches': 'Nov 11 19:41:40 celaeno postfix/smtpd[12912]: 
warning: unknown[85.183.39.75]: SASL LOGIN authentication failed: 
authentication failure\nNov 11 19:41:48 celaeno postfix/smtpd[12912]: warning: 
unknown[85.183.39.75]: SASL LOGIN authentication failed: authentication 
failure\nNov 11 19:41:55 celaeno postfix/smtpd[12912]: warning: 
unknown[85.183.39.75]: SASL LOGIN authentication failed: authentication 
failure', 'ipmatches': <function Actions.__checkBan.<locals>.<lambda> at 
0x7fb8d0592378>, 'failures': 3, 'ip': '85.183.39.75'})': Error starting action

As a aresult postfix-sasl jail is not fucntiong correctly


-- System Information:
Debian Release: 9.2
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/1 CPU core)
Locale: LANG=en_AU, LC_CTYPE=en_AU (charmap=ISO-8859-1), LANGUAGE=en_AU 
(charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages fail2ban depends on:
ii  init-system-helpers  1.48
ii  lsb-base             9.20161125
ii  python3              3.5.3-1

Versions of packages fail2ban recommends:
ii  iptables           1.6.0+snapshot20161117-6
ii  python             2.7.13-2
ii  python3-pyinotify  0.9.6-1
ii  python3-systemd    233-1
ii  whois              5.2.17~deb9u1

Versions of packages fail2ban suggests:
ii  bsd-mailx [mailx]                   8.1.2-0.20160123cvs-4
pn  monit                               <none>
ii  syslog-ng-core [system-log-daemon]  3.8.1-10

-- /etc/fail2ban/jail.local file: 

[postfix-sasl]
enabled  = true
port     = smtp,ssmtp,imap2,imap3,imaps,pop3,pop3s
filter   = postfix-sasl
logpath  = /var/log/mail.log
bantime  = 86400
maxretry = 3
usedns = warn
findtime = 28800


-- Configuration Files:
/etc/logrotate.d/fail2ban changed:
/var/log/fail2ban.log {
   
    rotate 52
    weekly
    dateext
    compress
    delaycompress
    missingok
    postrotate
        fail2ban-client set logtarget /var/log/fail2ban.log >/dev/null
    endscript
    # If fail2ban runs as non-root it still needs to have write access
    # to logfiles.
    # create 640 fail2ban adm
    create 640 root adm
}


-- no debconf information

Reply via email to