Just wanted to say - nice work !
I'm using the latest fail2ban (from git) to monitor
for SASL and pop3 attacks. Very nice indeed !
There was only one gotcha. Out of the box, the logpath is
set to 'mail.log', it took me a while to realize why things
were not working. For RHEL distros, it should be 'maillog'.
IT Physics and Astronomy
University of Manitoba
Thanks Maiko for the feedback
On Thu, 12 Jul 2012, Maiko Langelaar wrote:
> There was only one gotcha. Out of the box, the logpath is
> set to 'mail.log', it took me a while to realize why things
> were not working. For RHEL distros, it should be 'maillog'.
well -- this might be linux distribution specific and some others could
have it as mail.log (e.g. Debian does) -- ideally it should be taken
care off by the maintainer of the package in any given distribution, but
since you are brave enough to use it from GIT (thanks for testing) -- it
might indeed need to be tuned up for a specific installation.
I would recommend just to create jail.local with such an override:
logpath = /var/log/maillog
or may be we should just make it
logpath = /var/log/mail*log
since we are support globbing? ;)
Yaroslav O. Halchenko
Postdoctoral Fellow, Department of Psychological and Brain Sciences
Dartmouth College, 419 Moore Hall, Hinman Box 6207, Hanover, NH 03755
Phone: +1 (603) 646-9834 Fax: +1 (603) 646-1419