« 音響架
驚人的理論 »

fail2ban

先安裝,之後在微調~

Using Fail2ban with Dovecot

Create the filter file /etc/fail2ban/filter.d/dovecot-pop3imap.conf:

[Definition]
failregex = (?: pop3-login|imap-login): (?:Authentication failure|Aborted login \(auth failed|Aborted login \(tried to use disabled|Disconnected \(auth failed).*rip=(?P\S*),.*
ignoreregex =

Add the following to /etc/fail2ban/jail.conf:

[dovecot-pop3imap]
enabled = true
filter = dovecot-pop3imap
action = iptables-multiport[name=dovecot-pop3imap, port="pop3,imap", protocol=tcp]
logpath = /var/log/maillog
maxretry = 20
findtime = 1200
bantime = 1200

refer
http://wiki.dovecot.org/HowTo/Fail2Ban

歷史上得今天..

This entry was posted on Monday, October 25th, 2010 at 12:39 am and is filed under Daily. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

One Response to “fail2ban”

  1. Banbanli Says:
    November 17th, 2010 at 1:33 pm

    usr/bin/fail2ban-client

    def __processCmd(self, cmd, showRet = True):
    beautifier = Beautifier()
    for c in cmd:
    time.sleep(0.1)
    beautifier.setInputCmd(c)

Leave a Reply