On 15-02-19 11:34 PM, William Park wrote:
Port 25 is matched by 'fail2ban-dovecot' and 'fail2ban-postfix' which do nothing. So, check postfix main config. Alas I can telnet to port 25 from outside of my lan. What would restrict my lan address? The server is in Germany. I can telnet from work at McMaster University but nothing from my home.
Here's my main.config # See /usr/share/postfix/main.cf.dist for a commented, more complete version # Debian specific: Specifying a file name will cause the first # line of that file to be used as the name. The Debian default # is /etc/mailname. #myorigin = /etc/mailname smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) biff = no # appending .domain is the MUA's job. append_dot_mydomain = no # Uncomment the next line to generate "delayed mail" warnings #delay_warning_time = 4h readme_directory = no # TLS parameters smtpd_tls_cert_file = /etc/ssl/certs/server.crt smtpd_tls_key_file = /etc/ssl/private/server.key smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt smtpd_use_tls=yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_tls_req_ccert = no smtpd_tls_ask_ccert = yes # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for # information on enabling SSL in the smtp client. myhostname = foucault.rjonasz.ca alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname mydestination = foucault.rjonasz.ca, localhost.rjonasz.ca, localhost relayhost = mynetworks = 127.0.0.0/8 80.241.217.178/32 [::ffff:127.0.0.0]/104 [::1]/128 207.210.30.47/32 198.7.63.205/32 mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all home_mailbox = Maildir/ #smtpd_sasl_type = dovecot #smtpd_sasl_path = private/auth-client #smtpd_sasl_local_domain = #smtpd_sasl_security_options = noplaintext,noanonymous #broken_sasl_auth_clients = yes #smtpd_sasl_auth_enable = yes #smtp_sasl_password_maps = hash:/etc/postfix/sasl/passwd smtpd_recipient_restrictions = permit_sasl_authenticated permit_mynetworks reject_unauth_destination smtp_tls_security_level = may smtpd_tls_security_level = may smtp_tls_note_starttls_offer = yes smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes tls_random_source = dev:/dev/urandom #smtp_connection_cache_destinations = smtp.gmail.com default_transport = smtp default_destination_concurrency_limit = 5 virtual_alias_domains = rjonasz.ca rjonasz.com rjonasz.net rjonasz.org virtual_alias_maps = hash:/etc/postfix/virtual smtpd_relay_restrictions = permit_mynetworks reject_unauth_destination Cheers, Randy