mirror/docker-mailserver.docker-mailserver
1
0
Fork 0
mirror of https://github.com/docker-mailserver/docker-mailserver.git synced 2025-08-03 01:24:52 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Add ban feature to fail2ban script (#2538)

Browse source
This commit is contained in:
Casper 2022-04-19 10:44:51 +02:00 committed by GitHub
parent 9aaf15b38f
commit de61d42e68
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
9 changed files with 105 additions and 30 deletions
Download patch file Download diff file Expand all files Collapse all files

32
config-examples/fail2ban-jail.cf
View file

@ -1,21 +1,37 @@
[DEFAULT]
# "bantime" is the number of seconds that a host is banned.
#bantime = 10m
bantime = 3h
# A host is banned if it has generated "maxretry" during the last "findtime"
# seconds.
#findtime = 10m
findtime = 10m
# "maxretry" is the number of failures before a host get banned.
#maxretry = 5
maxretry = 3
# "ignoreip" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban
# will not ban a host which matches an address in this list. Several addresses
# can be defined using space (and/or comma) separator.
#ignoreip = 127.0.0.1/8
ignoreip = 127.0.0.1/8
# Default ban action
# nftables-multiport: block IP only on affected port
# nftables-allports: block IP on all ports
#banaction = nftables-allports
# default ban action
# nftables-multiport: block IP only on affected port
# nftables-allports: block IP on all ports
banaction = nftables-allports
[dovecot]
enabled = true
[postfix]
enabled = true
[postfix-sasl]
enabled = true
# This jail is used for manual bans.
# To ban an IP address use: setup.sh fail2ban ban <IP>
[custom]
enabled = true
bantime = 180d
port = smtp,pop3,pop3s,imap,imaps,submission,submissions,sieve