Why is Fail-2-Ban loading my Postfix queue with messages?

December 22, 2015 1.5k views
Email Firewall Logging CentOS
ralper3
By:
ralper3

When I look at my maillog for evidence of mail sent by me from the server, the files are crammed full of messages from Fail-2-Ban.
I'm running a Postfix server on Centos 6. Currently I'm using it as send only. If a problem occurs with a recipient, I can barely find the recorded messages sent between my server and the target's server since my maillog is so cluttered with Fail-2-Ban messages. I don't remember specifically involving Fail-2-Ban during the Postfix set up. How does Fail-2-Ban get involved ?

Log In to Comment
1 Answer
jschwenn MOD January 15, 2016

Hey there,

Fail2Ban is an additional software that acts as a dynamic firewall. It'll block IP addresses that have failed log in attempts. It can also send out emails in regards to these attempts.

I'd recommend changing the port that SSH lives on simple to keep your system and mail logs cleaner and easier to read.

You'd want to change the Port line in /etc/ssh/sshd_config. I'd recommend leaving your current SSH session open after restarting sshd service sshd restart and making sure the new port is opened on the firewall. As long as you can connect on the new port you're good to go. Otherwise there may be a chance you could block yourself and need to regain access using the web console.

Thank you and please let us know if there is anything else we can do for you.

Happy coding,

Jon Schwenn
Platform Support Specialist
DigitalOcean

Reply
Have another answer? Share your knowledge.

Related Questions