Oh, maybe it was all those auth failed messages
On July 12, 2018 10:30:47 AM CEST, Sophie Loewenthal
wrote:
>Hi Nick,
>
>Here you go. domain name/users have been obfuscated.
>
>
>Running tests
>=
>
>Use failregex filter file : dovecot, basedir: /etc/fail2ban
>Use log
Hi Nick,
Here you go. domain name/users have been obfuscated.
Running tests
=
Use failregex filter file : dovecot, basedir: /etc/fail2ban
Use log file : /var/log/mail.log.1
Use encoding : UTF-8
Results
===
Failregex: 11 total
|- #) [# of hits] regular expr
Sorry. should have replied to list.
Add --print-all-matched to the fail2ban-regex command
On 12/07/2018 07:59, Sophie Loewenthal wrote:
Morning,
A new K9 Mail client gets banned all the time and I am trying to work
out why.
I have this regex:
failregex = auth:.+dovecot:auth.+authentication\
Morning,
A new K9 Mail client gets banned all the time and I am trying to work
out why.
I have this regex:
failregex = auth:.+dovecot:auth.+authentication\s+failure;.+rhost=
dovecot:.+rip=.+wrong version number
dovecot:.+tried to use disallowed plaintext auth.+rip=