On 9/17/2015 11:15 AM, Gao wrote: [snip] > In my jail.local, I have: > [default] > findtime=1200
Change findtime, currently 1200 (20 minutes) should be at least 3600 (1 hr), but I would use an even larger value, say something in the days scale like 1209600 (14 days). > [postfix-sasl] > enabled = true > port = smtp,465,submission,imap3,imaps,pop3,pop3s > logpath = %(postfix_log)s > action = %(action_mwl)s > bantime = 10800 > maxretry = 3 > > Since this attack happens once an hour from a single IP. It just try one > time then stopped. It try again in the next hour. So the result is it > does not get banned! It just put a entry in the fial2ban.log with FOUND. [snip] -- René Berber
smime.p7s
Description: S/MIME Cryptographic Signature
------------------------------------------------------------------------------ Monitor Your Dynamic Infrastructure at Any Scale With Datadog! Get real-time metrics from all of your servers, apps and tools in one place. SourceForge users - Click here to start your Free Trial of Datadog now! http://pubads.g.doubleclick.net/gampad/clk?id=241902991&iu=/4140
_______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
