- Server operating system version
- AlmaLinux 9.7
- Plesk version and microupdate number
- 18.0.74 Update #3
Good morning,
I've read a lot about 'problems' with the Fail2ban sasl filter, and the "solution" was to use postfix[mode=auth], but in my case it doesn't work.
After a little troubleshooting, I have found this inconsistency between what is shown in LogBrowser and what I found in maillog:
LogBrowser
warning: cm-72-241-202-104.buckeyecom.net[72.241.202.104]: SASL CRAM-MD5 authentication failed: authentication failure, sasl_username=xxxx
maillog
postfix/smtpd[53528]: warning: SASL authentication failure: incorrect digest response
As you can see, the maillog entry doesn't have the same syntax, much less the IP (HOST), so the sasl filter (old or new with postfix mode) cannot catch the entry.
Now I ask you: is it possible to catch this IP and block it? Where can I find the LogBrowser entry so I can configure the Fail2ban filter to look at that log? Should I set a different journalmatch?
Thank you for your support.
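
The mismatch described in the post, as an added example that is not part of the original post: a host-capturing pattern run over the two quoted lines. The regex is a simplified stand-in written for this illustration (an assumption), not the failregex shipped in Fail2ban's postfix filter, and the function names are hypothetical.

```python
import re

# Simplified stand-in for a Fail2ban-style failregex (assumption: this is not
# the pattern from Fail2ban's own postfix filter). The <HOST> tag is expanded
# by hand into a named group capturing the bracketed IPv4 address.
HOST = r"(?P<host>\d{1,3}(?:\.\d{1,3}){3})"
FAILREGEX = re.compile(
    r"warning: \S+\[" + HOST + r"\]: SASL [A-Z0-9-]+ authentication failed:"
)

# The two lines quoted in the post above.
LOGBROWSER_LINE = (
    "warning: cm-72-241-202-104.buckeyecom.net[72.241.202.104]: "
    "SASL CRAM-MD5 authentication failed: authentication failure, "
    "sasl_username=xxxx"
)
MAILLOG_LINE = (
    "postfix/smtpd[53528]: warning: SASL authentication failure: "
    "incorrect digest response"
)


def extract_host(line):
    """Return the client IP if the line matches the pattern, else None."""
    match = FAILREGEX.search(line)
    return match.group("host") if match else None


def triage(lines):
    """Split lines into bannable entries (host captured) and SASL failures
    that carry no client address, which no host-based filter can act on."""
    bannable, no_host = [], []
    for line in lines:
        host = extract_host(line)
        if host:
            bannable.append((host, line))
        elif "SASL" in line and "fail" in line.lower():
            no_host.append(line)
    return bannable, no_host


if __name__ == "__main__":
    bannable, no_host = triage([LOGBROWSER_LINE, MAILLOG_LINE])
    for host, _ in bannable:
        print("host captured:", host)
    for line in no_host:
        print("SASL failure without client address:", line)
```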