Facebook
Twitter
I have a problem which i could not resolve by myself. It happens randomly but on often basis.
Allow me to describe.
There are more of users not jut specific one but for description i am only using "Customer A".
Customer A only interaction with my server is through their Outlook email clients. So basically only for reading and sending emails.
Customer A is getting on Banned IP addressed with these activated jails: "plesk-postfix" and or "recidive". Both have value of 5 for max retry. I am aware of what these jails are for but follow me further.
On random occasion like every two weeks, sometimes every two days Customer A is triggering above mentioned jails and he is getting on ban list and after that obviously i am getting phone calls because company can't use email. Why?
I myself did Outlook setup and there is nothing wrong with it. There is zero chance customer is adding wrong password (so triggering jails ) because it is saved in outlook.
What they are doing or not doing or why Fail2Ban add them to the list. I don't think it's wrong Fail2ban configuration because customers from other subscriptions does not have such problems. For now my solution is to log in to plesk and to unban them manually.
But why they are getting on that list in the first place anyway? They only interaction is through Outlook and why does it work for some period then Ban! Is there a specific log?I mean
/var/log/fail2ban.log does not tell me why it just say banned.
For now i deactivated these two jails which is not good thing i know. Is there an option where i can add pol/range of that provider IP addresses so Fail2ban does not trigger and ban them?
Allow me to describe.
There are more of users not jut specific one but for description i am only using "Customer A".
Customer A only interaction with my server is through their Outlook email clients. So basically only for reading and sending emails.
Customer A is getting on Banned IP addressed with these activated jails: "plesk-postfix" and or "recidive". Both have value of 5 for max retry. I am aware of what these jails are for but follow me further.
On random occasion like every two weeks, sometimes every two days Customer A is triggering above mentioned jails and he is getting on ban list and after that obviously i am getting phone calls because company can't use email. Why?
I myself did Outlook setup and there is nothing wrong with it. There is zero chance customer is adding wrong password (so triggering jails ) because it is saved in outlook.
What they are doing or not doing or why Fail2Ban add them to the list. I don't think it's wrong Fail2ban configuration because customers from other subscriptions does not have such problems. For now my solution is to log in to plesk and to unban them manually.
But why they are getting on that list in the first place anyway? They only interaction is through Outlook and why does it work for some period then Ban! Is there a specific log?I mean
/var/log/fail2ban.log does not tell me why it just say banned.
For now i deactivated these two jails which is not good thing i know. Is there an option where i can add pol/range of that provider IP addresses so Fail2ban does not trigger and ban them?
Last edited:
