Topic: Fail2ban not banning IP after repeated IMAP login failures
Hi all,
I'm running iRedMail (Ubuntu 22.04, iRedMail 1.6.x) with Fail2ban enabled by default. I noticed that after multiple failed IMAP login attempts (tested via Thunderbird), my IP is not getting banned as expected.
I checked jail.local and confirmed that the dovecot jail is enabled, and the logs do show repeated login failures. It seems like Fail2ban is detecting the events but not actually banning the IP.
Is there any additional configuration needed for Dovecot with iRedMail (e.g., custom filter, log backend, or different log path)?
Thanks!
----
Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.