mailinabox/conf/fail2ban/jail.local

71 lines
1.2 KiB
Plaintext

# Fail2Ban configuration file for Mail-in-a-Box
[DEFAULT]
# Whitelist our own IP addresses. 127.0.0.1/8 is the default. But our status checks
# ping services over the public interface so we should whitelist that address of
# ours too. The string is substituted during installation.
ignoreip = 127.0.0.1/8 PUBLIC_IP
# JAILS
[ssh]
maxretry = 7
bantime = 3600
[ssh-ddos]
enabled = true
[sasl]
enabled = true
[dovecot]
enabled = true
filter = dovecotimap
findtime = 30
maxretry = 20
[management-daemon]
enabled = true
filter = miab-management-daemon
port = http,https
logpath = /var/log/syslog
maxretry = 20
findtime = 30
[roundcube]
enabled = true
port = http,https
filter = roundcube
logpath = /var/log/roundcubemail/errors
maxretry = 20
findtime = 30
[owncloud]
enabled = true
port = http,https
filter = owncloud
logpath = /home/user-data/owncloud/owncloud.log
maxretry = 20
findtime = 30
[munin]
enabled = true
port = http,https
filter = munin
logpath = /var/log/nginx/access.log
maxretry = 20
findtime = 30
[postfix-submission]
enabled = true
port = 587
filter = postfix-submission
logpath = /var/log/mail.log
maxretry = 20
findtime = 30
[recidive]
enabled = true
maxretry = 10