I'm having trouble reaching bugzilla so I'll put this here and update bugzilla when I can get into it again.
I'm not sure that fail2ban is working to ban an IP properly. Attached log snippets below. Specifically for IP 23.227.203.129
in this example.
It gets detected by fail2ban after 9 attempts, then logs it as banned at 13:50:43 and then unbans it at 14:51:05
Both fail2ban and messages log confirm this.
However sqsmtpd shows the initial attempts prior to 13:50 but also two failed connections at 14:07, whilst it should be banned.
[edit] log now denylog.log rather than current
Unfortunately there doesn't seem to be any log updates for iptables (there was on sme9.2) to show what changes (if any) were done to iptables.
No entry in the denylog for 23.227.203.129 at 14:07
/var/log/fail2ban
2021-09-12 13:33:02,321 fail2ban.filter [769]: INFO [qpsmtpd] Found 177.87.68.195 - 2021-09-12 13:33:12
2021-09-12 13:49:31,621 fail2ban.filter [769]: INFO [qpsmtpd] Found 23.227.203.129 - 2021-09-12 13:49:41
2021-09-12 13:49:32,227 fail2ban.filter [769]: INFO [qpsmtpd] Found 23.227.203.129 - 2021-09-12 13:49:42
2021-09-12 13:49:52,460 fail2ban.filter [769]: INFO [qpsmtpd] Found 23.227.203.129 - 2021-09-12 13:50:02
2021-09-12 13:49:52,869 fail2ban.filter [769]: INFO [qpsmtpd] Found 23.227.203.129 - 2021-09-12 13:50:02
2021-09-12 13:50:13,511 fail2ban.filter [769]: INFO [qpsmtpd] Found 23.227.203.129 - 2021-09-12 13:50:23
2021-09-12 13:50:13,715 fail2ban.filter [769]: INFO [qpsmtpd] Found 23.227.203.129 - 2021-09-12 13:50:23
2021-09-12 13:50:34,152 fail2ban.filter [769]: INFO [qpsmtpd] Found 23.227.203.129 - 2021-09-12 13:50:43
2021-09-12 13:50:34,558 fail2ban.filter [769]: INFO [qpsmtpd] Found 23.227.203.129 - 2021-09-12 13:50:44
2021-09-12 13:50:54,798 fail2ban.filter [769]: INFO [qpsmtpd] Found 23.227.203.129 - 2021-09-12 13:51:04
2021-09-12 13:50:54,970 fail2ban.actions [769]: NOTICE [qpsmtpd] Ban 23.227.203.129
2021-09-12 13:50:54,975 fail2ban.filter [769]: INFO [recidive] Found 23.227.203.129 - 2021-09-12 13:50:54
2021-09-12 13:50:55,406 fail2ban.filter [769]: INFO [qpsmtpd] Found 23.227.203.129 - 2021-09-12 13:51:05
2021-09-12 13:51:04,644 fail2ban.filter [769]: INFO [qpsmtpd] Found 161.35.22.8 - 2021-09-12 13:51:14
2021-09-12 13:51:25,512 fail2ban.filter [769]: INFO [qpsmtpd] Found 157.230.127.86 - 2021-09-12 13:51:35
2021-09-12 14:05:12,633 fail2ban.filter [769]: INFO [qpsmtpd] Found 142.54.174.178 - 2021-09-12 14:05:22
2021-09-12 14:05:12,639 fail2ban.filter [769]: INFO [qpsmtpd] Found 142.54.174.178 - 2021-09-12 14:05:22
2021-09-12 14:07:13,258 fail2ban.filter [769]: INFO [qpsmtpd] Found 23.227.203.129 - 2021-09-12 14:07:22
2021-09-12 14:07:13,260 fail2ban.filter [769]: INFO [qpsmtpd] Found 23.227.203.129 - 2021-09-12 14:07:22
2021-09-12 14:13:57,626 fail2ban.filter [769]: INFO [qpsmtpd] Found 177.53.164.179 - 2021-09-12 14:14:07
2021-09-12 14:30:49,564 fail2ban.filter [769]: INFO [qpsmtpd] Found 188.166.18.165 - 2021-09-12 14:30:59
2021-09-12 14:47:27,240 fail2ban.filter [769]: INFO [qpsmtpd] Found 161.35.22.8 - 2021-09-12 14:47:37
2021-09-12 14:48:43,986 fail2ban.filter [769]: INFO [qpsmtpd] Found 157.230.127.86 - 2021-09-12 14:48:53
2021-09-12 14:51:05,642 fail2ban.actions [769]: NOTICE [qpsmtpd] Unban 23.227.203.129
/var/log/messages
Sep 12 10:21:20 fwbox kernel: [266336.580720] md: md11: data-check done.
Sep 12 13:50:55 fwbox /sbin/e-smith/smeserver-fail2ban[29369]: /home/e-smith/db/fail2ban: OLD bkiv8zmtstnio15=(undefined)
Sep 12 13:50:55 fwbox /sbin/e-smith/smeserver-fail2ban[29369]: /home/e-smith/db/fail2ban: NEW bkiv8zmtstnio15=ban|BanTimestamp|1631425855|Host|23.227.203.129|Port|25,465|Protocol|tcp|UnbanTimestamp|1631429455
Sep 12 13:50:55 fwbox esmith::event[29370]: Processing event: fail2ban-update
Sep 12 13:50:55 fwbox esmith::event[29370]: Running event handler: /etc/e-smith/events/actions/generic_template_expand
Sep 12 13:50:55 fwbox esmith::event[29370]: expanding /etc/rc.d/init.d/masq
Sep 12 13:50:56 fwbox esmith::event[29370]: generic_template_expand=action|Event|fail2ban-update|Action|generic_template_expand|Start|1631425855 425199|End|1631425856 582912|Elapsed|1.157713
Sep 12 13:50:56 fwbox esmith::event[29370]: Running event handler: /etc/e-smith/events/actions/adjust-services
Sep 12 13:50:56 fwbox esmith::event[29370]: adjusting non-supervised masq (start)
Sep 12 13:50:56 fwbox esmith::event[29370]: adjusting non-supervised masq (adjust)
Sep 12 13:50:58 fwbox esmith::event[29370]: adjust-services=action|Event|fail2ban-update|Action|adjust-services|Start|1631425856 583348|End|1631425858 690446|Elapsed|2.107098
Sep 12 14:51:05 fwbox /sbin/e-smith/smeserver-fail2ban[1652]: /home/e-smith/db/fail2ban: DELETE bkiv8zmtstnio15=ban|BanTimestamp|1631425855|Host|23.227.203.129|Port|25,465|Protocol|tcp|UnbanTimestamp|1631429455
Sep 12 14:51:06 fwbox esmith::event[1654]: Processing event: fail2ban-update
Sep 12 14:51:06 fwbox esmith::event[1654]: Running event handler: /etc/e-smith/events/actions/generic_template_expand
Sep 12 14:51:06 fwbox esmith::event[1654]: expanding /etc/rc.d/init.d/masq
Sep 12 14:51:06 fwbox esmith::event[1654]: generic_template_expand=action|Event|fail2ban-update|Action|generic_template_expand|Start|1631429466 53193|End|1631429466 596901|Elapsed|0.543708
Sep 12 14:51:06 fwbox esmith::event[1654]: Running event handler: /etc/e-smith/events/actions/adjust-services
Sep 12 14:51:06 fwbox esmith::event[1654]: adjusting non-supervised masq (start)
Sep 12 14:51:06 fwbox esmith::event[1654]: adjusting non-supervised masq (adjust)
Sep 12 14:51:07 fwbox esmith::event[1654]: adjust-services=action|Event|fail2ban-update|Action|adjust-services|Start|1631429466 597340|End|1631429467 733837|Elapsed|1.136497
/var/log/sqpsmtpd
2021-09-12 14:07:12.885886500 29368 (connect) tls: fail, unable to establish SSL
2021-09-12 14:07:12.885889500 29373 (connect) tls: fail, unable to establish SSL
2021-09-12 14:07:12.885891500 29368 (deny) logging::logterse: ` 23.227.203.129 23-227-203-129.static.hvvc.us tls 903 Cannot establish SSL session msg denied before queued
2021-09-12 14:07:12.885894500 29373 (deny) logging::logterse: ` 23.227.203.129 23-227-203-129.static.hvvc.us tls 903 Cannot establish SSL session msg denied before queued
2021-09-12 14:07:12.885897500 29368 Lost connection to client, cannot send response.
2021-09-12 14:07:12.885940500 29373 Lost connection to client, cannot send response.
2021-09-12 14:07:12.885942500 29368 click, disconnecting
2021-09-12 14:07:12.885942500 29373 click, disconnecting
2021-09-12 14:07:13.000863500 1951 cleaning up after 29368
2021-09-12 14:07:13.000920500 1951 cleaning up after 29373