# Fail2Ban configuration file for Mail-in-a-Box [DEFAULT] # Whitelist our own IP addresses. 127.0.0.1/8 is the default. But our status checks # ping services over the public interface so we should whitelist that address of # ours too. The string is substituted during installation. ignoreip = 127.0.0.1/8 PUBLIC_IP # JAILS [ssh] maxretry = 7 bantime = 3600 [ssh-ddos] enabled = true [sasl] enabled = true [dovecot] enabled = true filter = dovecotimap findtime = 30 maxretry = 20 [recidive] enabled = true maxretry = 10 action = iptables-allports[name=recidive] # In the recidive section of jail.conf the action contains: # # action = iptables-allports[name=recidive] # sendmail-whois-lines[name=recidive, logpath=/var/log/fail2ban.log] # # The last line on the action will sent an email to the configured address. This mail will # notify the administrator that someone has been repeatedly triggering one of the other jails. # By default we don't configure this address and no action is required from the admin anyway. # So the notification is ommited. This will prevent message appearing in the mail.log that mail # can't be delivered to fail2ban@$HOSTNAME.