Yeah. I don't know what I was thinking when I made it work like that.
I know what you were thinking: if dovecot is writing to a log such as
mylogfile.log, and other utilities are also writing to
mylogfile.log, it's good to know which lines are dovecot.
But I am satisfied with using
Maybe there could be a page in the dovecot wiki about Fail2Ban? A
definitive Dovecot / Fail2ban resource would be useful. (If nobody
else creates one in a week, perhaps I will. But I have to perfect my
Fail2banning first ...)
I couldn't figure out how to add new pages to
I don't know whether this would help with the migration, but I routinely
solve a similar problem. I have implemented mail failover between two
servers -- which are configured with identical sets of mailboxes -- and
every 10 minutes or so, a script grabs any E-Mails from the other server
and
Blast, forgot something: the Simple.pm referenced in the script is
this thing:
http://search.cpan.org/~jpaf/Net-IMAP-Simple-0.93/Simple.pm
Download it, compile it, put it somewhere that the script can find it.
I don't know whether this would help with the migration, but I
routinely solve a
Ed W wrote:
Lou Duchez wrote:
This arrangement is designed to trap POP3 and IMAP separately, and
also to allow a high number of errors before temporarily jailing a
user. This is to decrease the likelihood that a single user from a
single IP will get all his coworkers (temporarily) banned
Lou Duchez wrote:
Ed W wrote:
Lou Duchez wrote:
This arrangement is designed to trap POP3 and IMAP separately, and
also to allow a high number of errors before temporarily jailing a
user. This is to decrease the likelihood that a single user from a
single IP will get all his coworkers
Ed W wrote:
Lou Duchez wrote:
So any failure at any of the three protocols (SMTP, POP3, IMAP) is
considered a strike by all three, and they should all ban the same
guys at the same time. This is as yet untested, but seems like it
should be pretty sound.
I think you only need one service
Ed W wrote:
Just when I think I've achieved ultimate pefection on this, someone
comes along with a great idea. Thanks!
...
action = iptables-multiport[name=smtppop3imap,
port=smtp,pop3,imap, protocol=tcp]
Can I suggest the name mail would summarise the stack of items above?
Did you
Hi,
Is there any way to disable the dovecot: at the beginning of each
line of the log? Fail2Ban responds poorly to it. I know there are a
number of sites with failregex strings for Fail2Ban and Dovecot, but
I've tried them all, and they don't work, at least with the latest
Fail2ban and
Re: the dovecot: at the beginning of the line in the log. I should
mention that other applications encounter a similar issue with Fail2Ban
-- for example, if you're running Asterisk, you have to alter the log
format such that the timestamp is at the beginning of the line:
Bill Landry wrote:
Timo Sirainen wrote:
On Mon, 2009-05-11 at 17:15 -0400, Lou Duchez wrote:
Re: the dovecot: at the beginning of the line in the log. I should
mention that other applications encounter a similar issue with Fail2Ban
-- for example, if you're running Asterisk, you
11 matches
Mail list logo