Hello @bhagert
I have this jail.local
for this purpose:
[DEFAULT]
bantime = 3600
maxretry = 3
[sshd]
enabled = true
port = <port>
logpath = %(sshd_log)s
backend = %(sshd_backend)s
[apache-auth]
enabled = true
port = http,https
logpath = %(apache_error_log)s
[postfix]
enabled = true
port = smtp,465,submission
logpath = %(postfix_log)s
backend = %(postfix_backend)s
[postfix-rbl]
enabled = true
port = smtp,465,submission
logpath = %(postfix_log)s
backend = %(postfix_backend)s
maxretry = 1
[dovecot]
enabled = true
port = pop3,pop3s,imap,imaps,submission,465,sieve
logpath = %(dovecot_log)s
backend = %(dovecot_backend)s
[postfix-sasl]
enabled = true
port = smtp,465,submission,imap,imaps,pop3,pop3s
logpath = %(postfix_log)s
backend = %(postfix_backend)s
[recidive]
enabled = true
filter = recidive
action = iptables-allports[name=recidive]
logpath = /var/log/fail2ban.log
# findtime: 1 week
findtime = 604800
# bantime: 1 year
bantime = -1
maxretry = 3
Best, Bernd