How to ignore email or domain in fail2ban
How to ignore email or domain in fail2ban
If you got into problem with user who is constantly getting his IP banned because wrong email credentials, change this in your /etc/fail2ban/filter.d/dovecot.conf file
First run:
FIND:
REPLACE INTO:
Then restart fail2ban:
In order to check filter to see what fail2ban will really ignore:
Big thanks and credits for this going to dpeca
First run:
Code: Select all
vi /etc/fail2ban/filter.d/dovecot.confCode: Select all
ignoreregex =Code: Select all
ignoreregex = .*@some-domain.com.*
.*@another-domain.com.*Code: Select all
systemctl restart fail2banCode: Select all
fail2ban-regex -v --print-all-ignored /var/log/dovecot.log /etc/fail2ban/filter.d/dovecot.confTags: