I am curious -- has anyone looked into a fail2ban implementation for QMT
One of my larger mail servers is being attacked (from China, currently,
but when it started in Malaysia and I blocked all malaysian IPs, they
just moved to another IP) with essentially a brute-force password
guessing atta
You should try this:
https://github.com/fail2ban/fail2ban/blob/master/config/filter.d/qmail.conf
Ed
On 08/06/2014 06:09 PM, Dan McAllister wrote:
I am curious -- has anyone looked into a fail2ban implementation for QMT
One of my larger mail servers is being attacked (from China, currently,
b
Hi Dan.
I'm having same attempts - these days it escalates.
They get a 'tcpserver: end 28341 status 256' in the submission log
because of vpopmail refusal (I think) so I catch them in the maillog
file. (Now I come to think of it one should catch all status 256's and
ban them !)
I using Fail2ban
On 08/06/2014 03:09 PM, Dan McAllister wrote:
I am curious -- has anyone looked into a fail2ban implementation for QMT
On a general note, I believe several people here have implemented f2b on
QMT. You should find discussions and perhaps some other configurations
in the list archives. It'd be
I do have 2 qmt servers with f2b
I will get my configs and share shortly
Dave M
On 8/6/2014 4:26 PM, Eric Shubert wrote:
On 08/06/2014 03:09 PM, Dan McAllister wrote:
I am curious -- has anyone looked into a fail2ban implementation for QMT
On a general note, I believe several people here
Eric Shubert wrote:
> On a general note, I believe several people here have implemented f2b on
> QMT. You should find discussions and perhaps some other configurations
> in the list archives. It'd be nice if people would share their
> configurations here (even if they've done so before).
A while
Hi Folks,
I have centos 6.5 64 bit server with installed qmailtoaster and it's run
successfully. When i tried to use this command logwatch to watch the
reports, it's show below error.
Can't exec "sendmail": No such file or directory at /usr/sbin/logwatch line
1046, line 2.
Can't execute sendmail
As long as you feed ELK from logstash by reading logs there is no reason that
you couldn't attach fail2ban to the same logs. If you plan to forward logs to
elk without local files being written you will have problems.
I have been doing a lot on ELK lately. It's a great system and Kibana
Dashboa