Hi,
fail2ban is very effective to stop attacs on the shell accounts. The regex for postfix (mail.log) seems to be ignored. I want to stop hosts which produces the following entries in my log files: Aug 24 22:38:10 debian postfix/smtpd[2123]: NOQUEUE: reject: RCPT from onlinemta58.ccbcjc.com[104.223.236.58]: 550 5.1.1<i...@meinedomain.de>: Recipient address rejected: User unknown in virtual mailbox table; from=<d...@ccbcjc.com> to=<i...@lkg-nw.de> proto=ESMTP helo=<onlinemta58.ccbcjc.com> Aug 24 22:40:07 debian postfix/smtpd[2123]: NOQUEUE: reject: RCPT from unknown[95.140.39.34]: 450 4.7.1 Client host rejected: cannot find your hostname, [95.140.39.34]; from=<alban9e8r5n1fu...@williams-sonona.com> to=<i...@meinedomain.de> proto=ESMTP helo=<peninsula.williams-sonona.com> My regex seems to be wrong :-( Any suggestions ? Thx Sebastian ------------------------------------------------------------------------------ _______________________________________________ Fail2ban-users mailing list Fail2ban-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/fail2ban-users
