Initial commit.

fail2ban/jail.d/default.conf

@@ -0,0 +1,59 @@
+# Custom fail2ban base jail specification file.
+#
+# YOU SHOULD NOT MODIFY THIS FILE.
+# It will probably be overwitten or improved in a distribution update.
+#
+# All jail names should be under 20 symbols to avoid warnings
+
+# action = mail[name="name=%(__name__)s", "%(destemail)s", "logpath=%(logpath)s"]
+
+[dovecot]
+enabled  = false
+action   = iptables-multiport[name="dovecot", port="imap,imap3,imaps,pop3,pop3s"]
+filter   = dovecot
+logpath  = /var/log/maillog
+maxretry = 3
+
+[postfix-auth]
+enabled  = false
+action   = iptables-multiport[name="postfix-auth", port="smtp,smtps,submission"]
+filter   = postfix-auth
+logpath  = /var/log/maillog
+maxretry = 3
+
+[postfix-rbl]
+enabled  = false
+action   = iptables-multiport[name="postfix-rbl", port="smtp,smtps,submission"]
+filter   = postfix-rbl
+logpath  = /var/log/maillog
+maxretry = 3
+
+[postfix-sasl]
+enabled  = false
+action   = iptables-multiport[name="postfix-sasl", port="smtp,smtps,submission"]
+filter   = postfix-sasl
+logpath  = /var/log/maillog
+maxretry = 3
+
+[postfix-smtp-reject]
+enabled  = false
+action   = iptables-multiport[name="postfix-smtp-reject", port="smtp,smtps,submission"]
+filter   = postfix-smtp-reject
+logpath  = /var/log/maillog
+maxretry = 2
+
+[postfix-ssl-error]
+enabled  = false
+action   = iptables-multiport[name="postfix-ssl-error", port="smtp,smtps,submission"]
+filter   = postfix-ssl-error
+logpath  = /var/log/maillog
+maxretry = 3
+
+[nginx-forbidden]
+enabled = false
+filter = nginx-forbidden
+port = http,https
+logpath = /var/log/nginx/*.error*.log
+findtime = 60
+bantime = 86400
+maxretry = 3