[SOLVED] Securing... #2

[HSorgYves]

Refering again to http://www.isp-control.net/documentation...re_secure. This time its about fail2ban. How to enable it for postfix, couriersmtp and/or sasl?

Thanks,
Yves

[Rene]

http://www.fail2ban.org/wiki/index.php/C...figuration

[HSorgYves]

And where does ispCP store the log files (and under which names)?

[Rene]

ok, I see, the default is not so good, sry...
i'm going to look at this in the afternoon if nobody else do this...

[joximu]

AFAIK ispCP does not change anything about the log files of postfix, courier, sasl etc...

[Rene]

hi sry, but i havn't got time for this. as joximu said ispcp change nothing about the logfiles. so you can use the default regex.
you have to fit the port and the path (/var/log)...

[HSorgYves]

joximu is saying that ispCP does not change anything about the log files of postfix, ...

Why does the HowTo then suggest to use the following for postfix:
logpath = /var/log/auth.log

Thanks,
Yves

[joximu]

Can you give more details?

[HSorgYves]

Check http://www.isp-control.net/documentation...ore_secure

[joximu]

Please read!

This is for *proftpd*.
The proftpd.conf from ispcp does not contain a value for the system log so it's logged to the default: /var/log/auth.log, the default system log for debian seems to be /var/log/proftpd/proftp.log.

I have no idea what this has to do with the original question about postfix, courier and sasl.
Since ispCP is supposed to run on several unix based systems it's possible that such small corrections have to be made. Every responsible admin is able to notice this and change the supplementary software accordingly.

If you want to discuss if a change from the distribution default to the original software default is not ok, then please stay away from configurable servers.