Re: How to display ip address in syslog on linux?
On 01.12.2019 1:46, Demetri A. Mkobaranov wrote: On 11/30/19 6:56 PM, Reio Remma wrote: I made a filter for myself to log failed auth attempts with IP to use in fail2ban. do you mean a fail2ban filter? It's a reporter filter in OpenSMTPD that gathers IP addresses for failed auth and then writes them to maillog: Nov 27 01:02:26 host smtpd[29787]: auth-reporter: failed authentication from user=username address=113.172.130.229 host=static.vnpt.vn Fail2ban takes it from there.
Re: How to display ip address in syslog on linux?
On 11/30/19 6:56 PM, Reio Remma wrote: I made a filter for myself to log failed auth attempts with IP to use in fail2ban. do you mean a fail2ban filter?
Re: How to display ip address in syslog on linux?
On 30.11.2019 18:50, Demetri A. Mkobaranov wrote: Hello, I'm trying to write a fail2ban filter for v.0.6.0.2 running on Debian 10 but I don't see the ip address of the client displayed in syslog. smtpctl log verbose doesn't help. This is all I get: Nov 30 16:48:29 dctl smtpd[9063]: 9ecee3c84e91538d smtp event=authentication user=i...@example.com result=permfail Nov 30 16:48:30 dctl smtpd[9063]: smtp-in: Failed command on session 9ecee3c84e91538d: "AUTH PLAIN (...)" => 535 Authentication failed Is there any way to force smtpd to log the ip address of the client? I made a filter for myself to log failed auth attempts with IP to use in fail2ban. Good luck, Reio
How to display ip address in syslog on linux?
Hello, I'm trying to write a fail2ban filter for v.0.6.0.2 running on Debian 10 but I don't see the ip address of the client displayed in syslog. smtpctl log verbose doesn't help. This is all I get: Nov 30 16:48:29 dctl smtpd[9063]: 9ecee3c84e91538d smtp event=authentication user=i...@example.com result=permfail Nov 30 16:48:30 dctl smtpd[9063]: smtp-in: Failed command on session 9ecee3c84e91538d: "AUTH PLAIN (...)" => 535 Authentication failed Is there any way to force smtpd to log the ip address of the client? Thank you Demetri