# Fail2Ban configuration file for Mail-in-a-Box

[DEFAULT]
# Whitelist our own IP addresses. 127.0.0.1/8 is the default. But our status checks
# ping services over the public interface so we should whitelist that address of
# ours too. The string is substituted during installation.
ignoreip = 127.0.0.1/8 PUBLIC_IP

# JAILS

[ssh]
maxretry = 7
bantime = 3600

[ssh-ddos]
enabled  = true

[sasl]
enabled  = true

[dovecot]
enabled = true
filter  = dovecotimap
findtime = 30
maxretry = 20
logpath  = /var/log/mail.log

[recidive]
enabled  = true
maxretry = 10
action   = iptables-allports[name=recidive]
# In the recidive section of jail.conf the action contains:
#
# action   = iptables-allports[name=recidive]
#            sendmail-whois-lines[name=recidive, logpath=/var/log/fail2ban.log]
#
# The last line on the action will sent an email to the configured address. This mail will
# notify the administrator that someone has been repeatedly triggering one of the other jails.
# By default we don't configure this address and no action is required from the admin anyway.
# So the notification is ommited. This will prevent message appearing in the mail.log that mail
# can't be delivered to fail2ban@$HOSTNAME.