41 lines
1.4 KiB
Plaintext
41 lines
1.4 KiB
Plaintext
# Example fail2ban jail definition for emailrelay.
|
|
#
|
|
# Add this to /etc/fail2ban/jail.local.
|
|
#
|
|
# Configure syslog so that emailrelay warnings get logged to the fail2ban
|
|
# 'syslog_mail' file -- typically "/var/log/mail" or "/var/log/mail.log".
|
|
# Refer to '/etc/fail2ban/jail.conf', '/etc/fail2ban/paths*' and
|
|
# 'man rsyslog.conf' for more details.
|
|
#
|
|
# When configuring syslog note that emailrelay emits logging using a syslog
|
|
# 'facility' of "mail" by default, but you can change this by using the
|
|
# emailrelay "--syslog" option, eg. "--syslog=local2".
|
|
#
|
|
# Test by using 'maxretry=1' and 'bantime = 30' below and then:
|
|
# $ fail2ban-client reload
|
|
# $ logger -p mail.warn emailrelay: warning: "1.2.3.4;" failed authentication
|
|
#
|
|
# You should see address 1.2.3.4 being banned by fail2ban for 30 seconds.
|
|
#
|
|
# Choose action 'action_mwl' below to ban the address using iptables and
|
|
# also send notification emails using 'sendmail'. Refer to the '[DEFAULT]'
|
|
# section of 'jail.conf' for pre-configured actions and for the mailer
|
|
# configuration.
|
|
#
|
|
# Consider installing the 'emailrelay-sendmail.pl' script if you want
|
|
# emails generated by fail2ban to go into the emailrelay spool directory.
|
|
#
|
|
|
|
[emailrelay]
|
|
enabled = true
|
|
ignoreip = 127.0.0.0/8 169.254.0.0/16 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16
|
|
port = smtp,submission
|
|
logpath = %(syslog_mail)s
|
|
#logpath = %(syslog_mail_warn)s
|
|
action = %(action_)s
|
|
#action = %(action_mwl)s
|
|
#action = %(action_mw)s
|
|
#maxretry = 1
|
|
#bantime = 30
|
|
|