Cannot enable Fail2ban postfix-sasl jail

OS type and version CentOS Linux 7.9.2009
Webmin version 1.994
Usermin version 1.840
Virtualmin version 7.1
Theme version 19.93.1

Fail2ban is not applying any filters/rules to IP’s abusing SASL login authentication.

The result of fail2ban-client status is

|- Number of jail:      6
`- Jail list:   dovecot, pam-generic, postfix, proftpd, sshd, webmin-auth

However in Webmin > Networking > Fail2Ban Intrusion Detector > Filter Action Jails > postfix-sasl

I have it enabled:

and to confirm fail2ban-client status, in Webmin > Networking > Fail2Ban Intrusion Detector > Jails Status I have:

How can I get Fail2Ban to recognise postfix-sasl jail?

I note this from fail2ban’s github:

filter.d/postfix-sasl.conf: removed (replaced with postfix[mode=auth])

I wonder if that is the reason why Webmin(?) cannot fully enable postfix-sasl. Just thinking.

Ok, I think I might have made some progress, in /etc/fail2ban/jail.local I added a filter line to the sasl section:


filter = postfix[mode=auth]
enabled = true
port    = smtp,465,submission,imap3,imaps,pop3,pop3s

postfix-sasl now shows under fail2ban-client status, I’m not convinced that has auto-magically sorted it but I’ll leave it for now and come back to it.

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.