I suggest a default value of
Did you restart f2b after making edits?
Possible to change /etc/fail2ban/fail2ban.conf (or even in your jail.conf?)
Restart and keep any eye on /var/log/fail2ban.log
for outstanding entries.
When was the last time this worked?
Is /etc/fail2ban/fail2ban.d/assp.conf the one that came installed?
If the manual run of
Code:
fail2ban-regex /usr/local/assp/logs/maillog.txt /etc/fail2ban/fail2ban.d/assp.conf
find hits (but makes you run switches to see them all?), when you restart fail2ban it should ban
everything it found within the last 600 seconds when you restart fail2ban.
I don't see a banaction statement?
Using [DEFAULT] then? what is it?
I'd copy jail.conf to jail.local else during an upgrade, all your precious work gets over-written.
Code:
cp /etc/fail2ban/jail.conf cp /etc/fail2ban/jail.local
Same goes for custom filters and actions.
Let us know...