Linode Forum
https://forum.linode.com/

Setting up fail2ban for Postfix
https://forum.linode.com/viewtopic.php?f=11&t=10534		 Page 1 of 1
Author:  dee4 [ Sun Oct 20, 2013 7:14 am ]
Post subject:  Setting up fail2ban for Postfix
I put this in my jail.local file:

Code:
[postfix]
enabled  = true
port     = smtp,ssmtp
filter   = postfix
action   = mail-whois[name=postfix, dest=my@email.com]
logpath  = /var/log/mail.log
maxretry = 10


How do I add an iptables action to this? There are two possible ports, so I'm not sure what would be in the port and protocol parameters:

Code:
iptables[name=postfix, port=??, protocol=??]
Author:  Vance [ Sun Oct 20, 2013 5:46 pm ]
Post subject:  Re: Setting up fail2ban for Postfix
It looks like you can have multiple actions, so something like the below would cover both ports.
Code:
action   = mail-whois[name=postfix, dest=my@email.com]
           iptables[name=postfix, port=smtp, protocol=tcp]
           iptables[name=postfix, port=ssmtp, protocol=tcp]


Neither of these services can really be accessed over UDP, so putting TCP as the protocol should cover it. For a service that can be accessed over both, you can just add extra actions having protocol=udp.
Author:  dee4 [ Mon Oct 21, 2013 6:23 am ]
Post subject:  Re: Setting up fail2ban for Postfix
Vance wrote:
It looks like you can have multiple actions, so something like the below would cover both ports.
Code:
action   = mail-whois[name=postfix, dest=my@email.com]
           iptables[name=postfix, port=smtp, protocol=tcp]
           iptables[name=postfix, port=ssmtp, protocol=tcp]


Neither of these services can really be accessed over UDP, so putting TCP as the protocol should cover it. For a service that can be accessed over both, you can just add extra actions having protocol=udp.

Thanks, that makes sense :)
Page 1 of 1 All times are UTC-04:00
Powered by phpBB® Forum Software © phpBB Group
http://www.phpbb.com/