Hi,
fail2ban is very effective to stop attacs on the shell accounts. The regex for postfix (mail.log) seems to be ignored. I want to stop hosts which produces the following entries in my log files: Aug 24 22:38:10 debian postfix/smtpd[2123]: NOQUEUE: reject: RCPT from onlinemta58.ccbcjc.com[104.223.236.58]: 550 5.1.1<[email protected]>: Recipient address rejected: User unknown in virtual mailbox table; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<onlinemta58.ccbcjc.com> Aug 24 22:40:07 debian postfix/smtpd[2123]: NOQUEUE: reject: RCPT from unknown[95.140.39.34]: 450 4.7.1 Client host rejected: cannot find your hostname, [95.140.39.34]; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<peninsula.williams-sonona.com> My regex seems to be wrong :-( Any suggestions ? Thx Sebastian ------------------------------------------------------------------------------ _______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
