Why is Fail-2-Ban loading my Postfix queue with messages?

Posted on December 22, 2015

When I look at my maillog for evidence of mail sent by me from the server, the files are crammed full of messages from Fail-2-Ban. I’m running a Postfix server on Centos 6. Currently I’m using it as send only. If a problem occurs with a recipient, I can barely find the recorded messages sent between my server and the target’s server since my maillog is so cluttered with Fail-2-Ban messages. I don’t remember specifically involving Fail-2-Ban during the Postfix set up. How does Fail-2-Ban get involved ?

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Jon Schwenn

January 15, 2016

Hey there,

Fail2Ban is an additional software that acts as a dynamic firewall. It’ll block IP addresses that have failed log in attempts. It can also send out emails in regards to these attempts.

I’d recommend changing the port that SSH lives on simple to keep your system and mail logs cleaner and easier to read.

You’d want to change the Port line in /etc/ssh/sshd_config. I’d recommend leaving your current SSH session open after restarting sshd service sshd restart and making sure the new port is opened on the firewall. As long as you can connect on the new port you’re good to go. Otherwise there may be a chance you could block yourself and need to regain access using the web console.

Thank you and please let us know if there is anything else we can do for you.

Happy coding,

Jon Schwenn Platform Support Specialist DigitalOcean