• The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Fail2Ban plesk-postfix jail banning Apple Mail users

M

Matthew Allen

New Pleskian
I have several Mac Mail users who cannot send mail as their IP addresses are being banned by Fail2Ban plesk-postfix jail. I can add them to the Trusted list but they're on dynamic IP's so when their IP does change they can no longer access the their Email or their Website. Is there a fix for this, other than not using Mac Mail ;), my customers are getting quite frustrated by this situation.
 
Hi Matthew Allen,

to investigate your issue/problem, we do need the corresponding entries ( errors ) from your mail.log, because we can not guess the reason(s) for Fail2Ban - bans. It is as well usefull to include your ( maybe modified ) jail "plesk-postfix" with your next post, so that investigations could be done faster.
 
Hello
I have the problem with the Mac users.
For a while it is good but then the IP's over Fail2Ban blocked.
Strangely, this happens exclusively with MAC. All users with Outlook, Thundebird or other mails have no problems.

Here is a log excerpt from the Mail.log:
Code: 
Apr xx.xx.xx.xx mail postfix/smtpd[23644]: connect from ##############-deutschland.de[95.xx.xx.xx]
Apr xx.xx.xx.xx mail postfix/smtpd[23644]: warning: SASL authentication failure: client response doesn't match what we generated (tried bogus)
Apr xx.xx.xx.xx mail postfix/smtpd[23644]: warning: ##############-deutschland.de[95.xx.xx.xx]: SASL DIGEST-MD5 authentication failed: authentication failure
Apr xx.xx.xx.xx mail postfix/smtpd[23644]: disconnect from ##############-deutschland.de[95.xx.xx.xx]
Apr xx.xx.xx.xx mail postfix/smtpd[23644]: connect from ##############-deutschland.de[95.xx.xx.xx]
Apr xx.xx.xx.xx mail postfix/smtpd[23644]: warning: SASL authentication failure: client response doesn't match what we generated (tried bogus)
Apr xx.xx.xx.xx mail postfix/smtpd[23644]: warning: ##############-deutschland.de[95.xx.xx.xx]: SASL DIGEST-MD5 authentication failed: authentication failure
Apr xx.xx.xx.xx mail postfix/smtpd[23644]: disconnect from ##############-deutschland.de[95.xx.xx.xx]
Apr xx.xx.xx.xx mail postfix/smtpd[23644]: connect from ##############-deutschland.de[95.xx.xx.xx]
Apr xx.xx.xx.xx mail postfix/smtpd[23644]: warning: SASL authentication failure: incorrect digest response
Apr xx.xx.xx.xx mail postfix/smtpd[23644]: warning: ##############-deutschland.de[95.xx.xx.xx]: SASL CRAM-MD5 authentication failed: authentication failure
Apr xx.xx.xx.xx mail postfix/smtpd[23644]: disconnect from ##############-deutschland.de[95.xx.xx.xx]
Apr xx.xx.xx.xx mail postfix/smtpd[23644]: connect from ##############-deutschland.de[95.xx.xx.xx]
Apr xx.xx.xx.xx mail postfix/smtpd[23644]: warning: SASL authentication failure: incorrect digest response
Apr xx.xx.xx.xx mail postfix/smtpd[23644]: warning: ##############-deutschland.de[95.xx.xx.xx]: SASL CRAM-MD5 authentication failed: authentication failure
Apr xx.xx.xx.xx mail postfix/smtpd[23644]: disconnect from ##############-deutschland.de[95.xx.xx.xx]
Apr xx.xx.xx.xx mail postfix/smtpd[23644]: connect from ##############-deutschland.de[95.xx.xx.xx]
Apr xx.xx.xx.xx mail plesk_saslauthd[23646]: listen=6, status=5, dbpath='/plesk/passwd.db', keypath='/plesk/passwd_db_key', chroot=1, unprivileged=1
Apr xx.xx.xx.xx mail plesk_saslauthd[23646]: privileges set to (104:110) (effective 104:110)
Apr xx.xx.xx.xx mail plesk_saslauthd[23646]: failed mail authenticatication attempt for user '[email protected]' (password len=15)
Apr xx.xx.xx.xx mail postfix/smtpd[23644]: warning: SASL authentication failure: Password verification failed
Apr xx.xx.xx.xx mail postfix/smtpd[23644]: warning: ##############-deutschland.de[95.xx.xx.xx]: SASL PLAIN authentication failed: authentication failure
Apr xx.xx.xx.xx mail postfix/smtpd[23644]: disconnect from ##############-deutschland.de[95.xx.xx.xx]
Apr xx.xx.xx.xx mail postfix/smtpd[23644]: connect from ##############-deutschland.de[95.xx.xx.xx]
Apr xx.xx.xx.xx mail postfix/smtpd[23644]: warning: SASL authentication failure: Password verification failed
Apr xx.xx.xx.xx mail postfix/smtpd[23644]: warning: ##############-deutschland.de[95.xx.xx.xx]: SASL PLAIN authentication failed: authentication failure
Apr xx.xx.xx.xx mail postfix/smtpd[23644]: disconnect from ##############-deutschland.de[95.xx.xx.xx]
 
It is not specificially happening with the MAC, but you have the impression it does, because your MAC mail accounts use wrong access credentials or password encryption modes. Simply adjust the login data to values that match the server's settings and these accounts won't cause bans any longer.
 
You must log in or register to reply here.

Similar threads

E
fail2ban: plesk-wordpress jail is to restrictive
Replies
1
Views
6K
Kaspar@Plesk
Kaspar@Plesk
Tim Clarke
Issue Problems with recidive jail
Replies
3
Views
629
La Linea
L
T
Question Fail2ban trying to setup a rule to ban ai bots
Replies
4
Views
1K
Bitpalast
Bitpalast
V
Issue Smarthost + SRS = relay?
Replies
2
Views
840
vanlier
V
E
Issue Several understanding errors in my postfix
Replies
4
Views
5K
estanis
E
Back
Top