mirror of
https://github.com/mail-in-a-box/mailinabox.git
synced 2024-11-22 02:17:26 +00:00
ae3ae0b5ba
I propose that the default 600s/10minute find time is a better test duration for this ban. The altered 120s findtime sounds reasonable until you consider that attackers can simply throttle to 3 attempts per minute and never be banned. The remaining non default jail settings of maxretry = 7 and bantime = 3600 I believe are good.
20 lines
220 B
Plaintext
20 lines
220 B
Plaintext
# Fail2Ban configuration file for Mail-in-a-Box
|
|
|
|
# JAILS
|
|
|
|
[ssh]
|
|
maxretry = 7
|
|
bantime = 3600
|
|
|
|
[ssh-ddos]
|
|
enabled = true
|
|
|
|
[sasl]
|
|
enabled = true
|
|
|
|
[dovecot]
|
|
enabled = true
|
|
filter = dovecotimap
|
|
findtime = 30
|
|
maxretry = 20
|