1 (edited by mmwidz 2022-08-04 19:30:47)

Topic: fail2ban Banned IP Addresses often

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.6.0 MARIADB edition.
- Deployed with iRedMail Easy or the downloadable installer? downloadable
- Linux/BSD distribution name and version: Red Hat Enterprise Linux release 8.6
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MYSQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? Yes
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====


roundcube jail with client ip address often  in "Banned IP Address" . i just attached the log file and could you please kindly check it.
I'm firing to unban the ip addresses.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: fail2ban Banned IP Addresses often

there is no logfile nor attachment

but the roundcube jail only triggers on failed login attempts with wrong passwords

3 (edited by mmwidz 2022-08-04 23:01:15)

Re: fail2ban Banned IP Addresses often

I upload again the log file. Please kindly check if available. Mail users said they didn't try wrong password and it's happening everyday. And i don't wanna stop fail2ban services and don't wanna ignore this ips in fail2ban. It's happening minimum 5 times per day.

4

Re: fail2ban Banned IP Addresses often

Please check the log file.

Post's attachments

iredmail_fail2ban.log 1.11 kb, 7 downloads since 2022-08-04 

You don't have the permssions to download the attachments of this post.

5

Re: fail2ban Banned IP Addresses often

So, does only this one client have problems?

I plain looks like he is useing wrong password

6

Re: fail2ban Banned IP Addresses often

Cthulhu wrote:

So, does only this one client have problems?

I plain looks like he is useing wrong password


not only this client , but also some of other clients are facing this issue.

7 (edited by mmwidz 2022-08-05 12:59:51)

Re: fail2ban Banned IP Addresses often

mmwidz wrote:
Cthulhu wrote:

So, does only this one client have problems?

I plain looks like he is useing wrong password


not only this client , but also some of other clients are facing this issue.

most of jail type is roundcube. I think also  it is happening because of wrong credentials. but it's happening day by day. How can i set up to ban only that wrong user. Now this is banned the public ip and the whole office staffs can't use mail service at this time

8

Re: fail2ban Banned IP Addresses often

look exactly what client uses wrong credentials and then teach him a lesson of "how not to fuck with the IT"

for me, it looks like this is done on purpose

9

Re: fail2ban Banned IP Addresses often

lol

10

Re: fail2ban Banned IP Addresses often

Why end users often typed wrong password?

11

Re: fail2ban Banned IP Addresses often

There are estimate 3000+ users.

12

Re: fail2ban Banned IP Addresses often

If you end users connect from static IP, you can whitelist this IP in file /etc/fail2ban/jail.local.