diff options
| author |  Joe Banks <[email protected]> | 2024-08-16 20:01:50 +0100 |
|---|---|---|
| committer |  Johannes Christ <[email protected]> | 2024-08-17 10:45:35 +0200 |
| commit | 5292e80fd70ba5322609c7631fe9ed2810df9245 (patch) | |
| tree | aac7117cee520b4d792955ec2451b95d4edb4f6d | |
| parent | Add documentation on using public folders (diff) | |
Add Postfix to fail2ban jails
Backed by the systemd integration for fail2ban
| -rw-r--r-- | ansible/roles/fail2ban/templates/jail.local.j2 | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/ansible/roles/fail2ban/templates/jail.local.j2 b/ansible/roles/fail2ban/templates/jail.local.j2 index ba1b50d..399faf9 100644 --- a/ansible/roles/fail2ban/templates/jail.local.j2 +++ b/ansible/roles/fail2ban/templates/jail.local.j2 @@ -14,3 +14,24 @@ banaction_allports = nftables[type=allports] [sshd] mode = aggressive backend=systemd + +{% if "mail" in group_names %} +[postfix] +enabled = true +bantime = 1d +backend = systemd + +[postfix-submission] +filter = postfix +port = submission +enabled = true +bantime = 1d +backend = systemd + +[postfix-errors] +filter = postfix[mode=errors] +enabled = true +maxretry = 3 +bantime = 7d +backend = systemd +{% endif %} |