I’ve tested my MTU settings and they’re working perfectly fine, so it wouldn’t
be on my end for an MTU thing.
I also did another lookup of the "offending" IPs and they’re all coming from
CloudFlare, which is a bit baffling to me as I’m not using CloudFlare. Which
begs the question, why is
17.05.2018 11:24, Yves via Fail2ban-users пишет:
* one for you: After Fail2ban has successfully matched the regex from
line #1 to line #6, will it resume log parsing at line #6 (next byte)
or #7 (next line), or will it resume log parsing at line #2? For this
solution to work, it must be the
16.05.2018 21:09, Jody Whitesides wrote:
Actually there would be a few other attempts in between line 2 and 6
there. Thus, I’d like to create a filter that can figure out the hex
thing before the 'mta event' as that is what ties the first part’s
attempt to the fact that its failing. Then I’d
Hi Jody,
Le 16/05/2018 à 20:09, Jody Whitesides a écrit :
[…] Here’s what it looks like:
14:27:39 myserver smtpd[8069]: 7ddc60038b38020a mta event=connecting
address=smtp+tls://104.28.23.114:25 host=104.28.23.114
14:27:54 myserver smtpd[8069]: smtp-out: Enabling route [] <->
104.28.22.114
Hi there, I’m a bit of a noob at the whole fail2ban thing, and I’m wondering if
you might know how to add something to it. In the past 24 hours, I’ve had a
couple of IP addresses that are doing something strange. I’m not exactly sure
if they’re attempting to break into the mail server, but I’d