1

Topic: Intermittent Connection Issues

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 0.9.9
- Deployed with iRedMail Easy or the downloadable installer? Downloadable Installer
- Linux/BSD distribution name and version: Ubuntu 18.04
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx):Nginx
- Manage mail accounts with iRedAdmin-Pro?No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

I have iRedMail configured on my server and for 90% of the time it appears to function without issue. Then for seemingly no reason local applications are unable to connect to the server:

     - macOS mail fails to connect to SMTP on port 587 and IMAP on port 143
     - Safari can't connect to Roundcube or iRedAdmin because it can't find the server at those addresses (Safari still connects to all other sites)
     - Telnet from a local shell fails to connect to ports 143, 587, 80, 443 etc.

However, during these incidents I can still SSH into the server on port 22 from a local shell and while telnet fails to connect from a local shell it has no problem connecting from a remote shell on another server.

After an indeterminate length of time the server starts accepting connections again.

I'm at a loss as to know where to start looking for what's causing this and am hoping someone can point me in the right direction.

Many thanks, Steve.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Intermittent Connection Issues

After a little digging this appears to be due to Fail2Ban. I noticed my ISP's IP in /var/lib/fail2ban/fail2ban.sqlite3 with a timestamp around the time of the last incident. This would perhaps explain why I can still telnet from a remote shell and why - with a ban time of 3600 seconds in/etc/fail2ban/jail.local - the server eventually "re-appears".

If this is the reason, I now just need to understand why F2B is targeting my IP and how to whitelist it.

Steve.

3

Re: Intermittent Connection Issues

For those interested, it was definitely Fail2Ban. These are the steps I took to confirm:

- Changed maxretry in /etc/fail2ban/jail.local from 5 to 2
- Got my IP banned by F2B by continually entering the wrong password when using telnet 
- Experienced the same issues as in my original post
- Checked /var/lib/fail2ban/fail2ban.sqlite3 for my IP where the 'jail' field for my IP was 'postfix-iredmail'
- On the server typed 'sudo fail2ban-client -i' to enter F2B interactive mode
- fail2ban> status postfix-iredmail displays my banned IP 123.45.678.90

|- Filter
|  |- Currently failed:    0
|  |- Total failed:    8
|  `- File list:    /var/log/mail.log
`- Actions
   |- Currently banned:    1
   |- Total banned:    1
   `- Banned IP list:    123.45.678.90

- fail2ban> set postfix-iredmail unbanip 123.45.678.90
- My IP no longer banned and server accepting connections once again.

Steve

4

Re: Intermittent Connection Issues

You may want to whitelist some IP addresses in file /etc/fail2ban/jail.local. Restarting fail2ban service is required after config file change.