Date: 2013feb19 Product: Postfix, fail2ban Q. Postfix: avoid the annoying spam attempts away from my Postfix logs A. You can use fail2ban to stop an IP-address from contacting you after a few spamming attempts. Install fail2ban:

dnf install fail2ban

Ensure you have /etc/fail2ban/filter.d/postfix.conf If you don't put this in there:

[Definition] failregex = reject: RCPT from (.*)\[<HOST>\]: 554

Add this to /etc/fail2ban/jail.conf

[postfix] enabled = true filter = postfix action = iptables-multiport[name=postfix, port="smtp,submission", protocol=tcp] logpath = /var/log/postfix maxretry = 3

Start fail2ban

systemctl start fail2ban

Look at the iptables changes:

iptables -L

Clear iptables stuff and restart fail2ban:

iptables -F systemctl restart fail2ban

Also handy for ssh, dovecot, ftpd, etc