Hi All, Here is my final configuration ( I had some problems with failregex) I followed this page http://wiki.dovecot.org/HowTo/Fail2Ban but the failregex doesn´t work for me (I really don´t know why), so I used the comandfail2ban-regex /var/log/maillog dovecot.conf to test it, and finally with this failregex = dovecot.*(imap-login|pop3-login).*Aborted login.*rip=<HOST>.* it works fine. To make it only alert me by email I put this in the jail.conf: [dovecot-pop3imap] enabled = true filter = dovecot #action = iptables-multiport[name=dovecot-pop3imap, port="pop3,imap", protocol=tcp] action = sendmail-whois[name=Dovecot, dest=esggrupos@xxxxxxxxx, sender= fail2ban@xxxxxxxx] logpath = /var/log/maillog maxretry = 5 findtime = 60 bantime = 1200 I hope this helps someone, :-) Thanks for your help ESG -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
