https://bugs.contribs.org/show_bug.cgi?id=10447
Bug ID: 10447
Summary: NFR Fail2Ban qpsmtpd.conf: ignore greylisting
Classification: Contribs
Product: SME Contribs
Version: 9.2
Hardware: ---
OS: ---
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: smeserver-fail2ban
Assignee: [email protected]
Reporter: [email protected]
QA Contact: [email protected]
Target Milestone: ---
On my server I added "ignoreregex" to /etc/fail2ban/filter.d/qpsmtpd.conf in
order to avoid blocking hosts that had email delayed by greylisting.
Here is the ignoreregex line I added:
> ignoreregex = logters.*greylisting.*90.*temporarily denied
This regex appears to identify 'greylisting' entries as tested using:
> fail2ban-regex --print-all-ignored /var/log/qpsmtpd/current
> /etc/fail2ban/filter.d/qpsmtpd.conf /etc/fail2ban/filter.d/qpsmtpd.conf
I think I only needed to do this because I have 'maxretry' set low, 'findtime'
and 'bantime' set high, and 'portscan' (NFR Bug #10422) blocking IPs that
continue to knock on the door after fail2ban blocks them -- but I still think
that a 'greylisting' entry in the log is different from 'earlytalker' or
'dnsbl' (etc).
--
You are receiving this mail because:
You are the QA Contact for the bug._______________________________________________
Mail for each SME Contribs bug report
To unsubscribe, e-mail [email protected]
Searchable archive at https://lists.contribs.org/mailman/public/contribteam/
