How to ignore email or domain in fail2ban
How to ignore email or domain in fail2ban
If you got into problem with user who is constantly getting his IP banned because wrong email credentials, change this in your /etc/fail2ban/filter.d/dovecot.conf file
First run:
FIND:
REPLACE INTO:
You can do the same also for file:
Then restart fail2ban:
In order to check filter to see what fail2ban will really ignore:
or for Exim:
First run:
Code: Select all
vi /etc/fail2ban/filter.d/dovecot.confCode: Select all
ignoreregex =Code: Select all
ignoreregex = .*@some-domain.com.*
.*@another-domain.com.*Code: Select all
vi /etc/fail2ban/filter.d/exim.confThen restart fail2ban:
Code: Select all
systemctl restart fail2banCode: Select all
fail2ban-regex -v --print-all-ignored /var/log/dovecot.log /etc/fail2ban/filter.d/dovecot.confCode: Select all
fail2ban-regex -v --print-all-ignored /var/log/exim4/mainlog /etc/fail2ban/filter.d/exim.confTags: