On Monday 29 April 2019 17:21:54 Gordon Messmer wrote: > On 4/29/19 1:44 AM, Gary Stainburn wrote: > > and the lines are still appearing. Here is my jail.local. (I did also try directly editing jail.conf to update the port commands). > > > > > > [exim] > > port = 0:65535 > > > If that's all that's in jail.local, then the jail shouldn't be enabled. > They're off by default. I'd suggest that you remove fail2ban > completely. Remove the packages, and then delete /etc/fail2ban, and > start again. > > When you're done, look at the output of "iptables -n -L INPUT_direct": > > # iptables -n -L INPUT_direct > Chain INPUT_direct (1 references) > target prot opt source destination > REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 match-set > fail2ban-sshd src reject-with icmp-port-unreachable > My jail.conf contains the following. What I included above was jail.local [dovecot] port = pop3,pop3s,imap,imaps,submission,sieve,25,1025,465,587 logpath = %(dovecot_log)s backend = %(dovecot_backend)s [exim] port = pop3,pop3s,imap,imaps,submission,sieve,25,1025,465,587 logpath = %(exim_main_log)s I was also coming to the conclusion that it was time to start again. I'll let you know how I get on Gary