Question

Why is Fail-2-Ban loading my Postfix queue with messages?

Posted December 22, 2015 2.5k views
CentOSEmailFirewallLogging

When I look at my maillog for evidence of mail sent by me from the server, the files are crammed full of messages from Fail-2-Ban.
I’m running a Postfix server on Centos 6. Currently I’m using it as send only. If a problem occurs with a recipient, I can barely find the recorded messages sent between my server and the target’s server since my maillog is so cluttered with Fail-2-Ban messages. I don’t remember specifically involving Fail-2-Ban during the Postfix set up. How does Fail-2-Ban get involved ?

Add a comment
ralper3
By:
ralper3
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer
jschwenn January 15, 2016

Hey there,

Fail2Ban is an additional software that acts as a dynamic firewall. It’ll block IP addresses that have failed log in attempts. It can also send out emails in regards to these attempts.

I’d recommend changing the port that SSH lives on simple to keep your system and mail logs cleaner and easier to read.

You’d want to change the Port line in /etc/ssh/sshd_config. I’d recommend leaving your current SSH session open after restarting sshd service sshd restart and making sure the new port is opened on the firewall. As long as you can connect on the new port you’re good to go. Otherwise there may be a chance you could block yourself and need to regain access using the web console.

Thank you and please let us know if there is anything else we can do for you.

Happy coding,

Jon Schwenn
Platform Support Specialist
DigitalOcean

Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help