diff options
| -rw-r--r-- | ansible/roles/fail2ban/templates/jail.local.j2 | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/ansible/roles/fail2ban/templates/jail.local.j2 b/ansible/roles/fail2ban/templates/jail.local.j2 index ba1b50d..35589ee 100644 --- a/ansible/roles/fail2ban/templates/jail.local.j2 +++ b/ansible/roles/fail2ban/templates/jail.local.j2 @@ -14,3 +14,21 @@ banaction_allports = nftables[type=allports] [sshd] mode = aggressive backend=systemd + +{% if "mail" in group_names %} +[postfix] +enabled = true +bantime = 1d + +[postfix-submission] +filter = postfix +port = submission +enabled = true +bantime = 1d + +[postfix-errors] +filter = postfix[mode=errors] +enabled = true +maxretry = 3 +bantime = 7d +{% endif %} |