TechQA.

Fail2Ban not blocking failed postfix login under plesk

898 views Asked by At

I have plesk 12.0.18 Update #96 OS: Ubuntu 14.04.3 LTS i have installed fail2ban through plesk and for some reason it's not blocking failed attempt on postfix server.

Dec 20 08:34:53 website postfix/smtpd[6696]: warning: unknown[37.216.243.35]: SASL LOGIN authentication failed: authentication failure
Dec 20 08:34:56 website postfix/smtpd[27244]: warning: unknown[37.216.243.35]: SASL LOGIN authentication failed: authentication failure
Dec 20 08:35:00 website postfix/smtpd[7415]: warning: unknown[37.216.243.35]: SASL LOGIN authentication failed: authentication failure
Dec 20 08:35:32 website postfix/smtpd[6582]: warning: unknown[37.216.243.35]: SASL LOGIN authentication failed: authentication failure
Dec 20 08:35:35 website postfix/smtpd[29514]: warning: unknown[37.216.243.35]: SASL LOGIN authentication failed: authentication failure
Dec 20 08:35:41 website postfix/smtpd[6582]: warning: unknown[37.216.243.35]: SASL LOGIN authentication failed: authentication failure
Dec 20 08:36:03 website postfix/smtpd[6582]: warning: unknown[37.216.243.35]: SASL LOGIN authentication failed: authentication failure
Dec 20 08:36:06 website postfix/smtpd[6696]: warning: unknown[37.216.243.35]: SASL LOGIN authentication failed: authentication failure
Dec 20 08:36:09 website postfix/smtpd[27244]: warning: unknown[37.216.243.35]: SASL LOGIN authentication failed: authentication failure
Dec 20 08:36:15 website postfix/smtpd[6696]: warning: unknown[37.216.243.35]: SASL LOGIN authentication failed: authentication failure
Dec 20 08:36:21 website postfix/smtpd[6696]: warning: unknown[37.216.243.35]: SASL LOGIN authentication failed: authentication failure
Dec 20 08:36:24 website postfix/smtpd[27244]: warning: unknown[37.216.243.35]: SASL LOGIN authentication failed: authentication failure
Dec 20 08:36:27 website postfix/smtpd[6696]: warning: unknown[37.216.243.35]: SASL LOGIN authentication failed: authentication failure

i had to block this ip myslef through iptables -I when i'm checking the logs of fail2ban there is nothing there that even show an attempt to block the ip.

iptables plesk fail2ban
Original Q&A
1

There are 1 answers

0
Jack Deeds On BEST ANSWER

found it. there was a problem with the filter that didnt match it + the rule for ip table was wrong for some reason. and that was the default installation.

Related Questions in IPTABLES

Related Questions in PLESK

Related Questions in FAIL2BAN

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions