How to remove IP address on fail2ban IPtables under SIT SMTP server

In this case, you got call/ticket that customer not able to send email.

Firstly, you will need to check their IP address by guide them to access this site :

myip.dk

Then after customer provide the IP address, you need to quick check by command this :

# iptables -nL |grep xxxxxx

Once you see the IP address on the IPtables list, then what you have to do is remove it from the IPtables list

1. Run this command to see the line number on iptables firewall

# iptables -L fail2ban-QMAIL -v -n --line-numbers

2. If you see the IP address, i.e line number 4, use this command :

iptables -D fail2ban-QMAIL 4

On temporary, you can add their IP to the whitelist ( THIS IS FOR SMTP only ) :

# vi /etc/fail2ban/jail.conf

add the IP address on ignoreip

# service fail2ban reload

Once you release, customer will be asking why their IP address got blocked by our SMTP server. You can trace it through this command :

This is for port 25

# cat /var/log/qmail/smtpd/*  | grep '103.99.2.3' | grep -i Reject | tai64nlocal | less

This is for port 587

# cat /var/log/qmail/smtpd2/*  | grep '103.99.2.3' | grep -i Reject | tai64nlocal | less