Sam's Tech Blog

'You can check out any time you like, But you can never leave!'


Postfix Fail2ban

Postfix and Fail2ban

Postfix Fail2ban

To enable fail2ban on Postifx SMTP AUTH, add the following lines in /etc/fail2ban/jail.local file. If the file doesn’t exist, then create this file.


enabled  = true
bantime  = 1h
maxretry = 3
filter   = postfix.auth
action   = iptables-multiport[name=postfix, port="http,https,smtp,submission,pop3,pop3s,imap,imaps,sieve", protocol=tcp]
logpath  = /var/log/mail.log

Save and close the file. Then create the filter rule file.

Add the following lines in /etc/fail2ban/filter.d/postfix.auth.conf


failregex = lost connection after AUTH from (.*)\[<HOST>\]
ignoreregex =

Save and close the file. Restart fail2ban the changes to take effect.

systemctl restart fail2ban