.\" Automatically generated by Pod::Man 4.07 (Pod::Simple 3.32) .\" .\" Standard preamble: .\" ======================================================================== .de Sp \" Vertical space (when we can't use .PP) .if t .sp .5v .if n .sp .. .de Vb \" Begin verbatim text .ft CW .nf .ne \\$1 .. .de Ve \" End verbatim text .ft R .fi .. .\" Set up some character translations and predefined strings. \*(-- will .\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left .\" double quote, and \*(R" will give a right double quote. \*(C+ will .\" give a nicer C++. Capital omega is used to do unbreakable dashes and .\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff, .\" nothing in troff, for use with C<>. .tr \(*W- .ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' .ie n \{\ . ds -- \(*W- . ds PI pi . if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch . if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch . ds L" "" . ds R" "" . ds C` "" . ds C' "" 'br\} .el\{\ . ds -- \|\(em\| . ds PI \(*p . ds L" `` . ds R" '' . ds C` . ds C' 'br\} .\" .\" Escape single quotes in literal strings from groff's Unicode transform. .ie \n(.g .ds Aq \(aq .el .ds Aq ' .\" .\" If the F register is >0, we'll generate index entries on stderr for .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index .\" entries marked with X<> in POD. Of course, you'll have to process the .\" output yourself in some meaningful fashion. .\" .\" Avoid warning from groff about undefined register 'F'. .de IX .. .if !\nF .nr F 0 .if \nF>0 \{\ . de IX . tm Index:\\$1\t\\n%\t"\\$2" .. . if !\nF==2 \{\ . nr % 0 . nr F 2 . \} .\} .\" ======================================================================== .\" .IX Title "Mail::MtPolicyd::Plugin::Fail2Ban 3pm" .TH Mail::MtPolicyd::Plugin::Fail2Ban 3pm "2017-01-13" "perl v5.24.1" "User Contributed Perl Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l .nh .SH "NAME" Mail::MtPolicyd::Plugin::Fail2Ban \- mtpolicyd plugin to block an address with fail2ban .SH "VERSION" .IX Header "VERSION" version 2.02 .SH "DESCRIPTION" .IX Header "DESCRIPTION" This plugin can be used to block an ip with iptable thru the fail2ban daemon. .PP For more information abount fail2ban read: .PP http://www.fail2ban.org/ .PP This plugin will directly talk to the daemon thru the unix domain socket and execute an banip command: .PP .Vb 1 \& set banip .Ve .SH "PARAMETERS" .IX Header "PARAMETERS" .IP "socket (default: /var/run/fail2ban/fail2ban.sock)" 4 .IX Item "socket (default: /var/run/fail2ban/fail2ban.sock)" Path to the fail2ban unix socket. .Sp Make sure mtpolicyd is allowed to write to this socket! .IP "jail (default: postfix)" 4 .IX Item "jail (default: postfix)" The jail in which the ip should be banned. .SH "EXAMPLE" .IX Header "EXAMPLE" Execute a ban on all client-ips which send a mail with a score of >=15: .PP .Vb 9 \& \& module = "ScoreAction" \& threshold = 15 \& \& module = "Fail2Ban" \& socket = "/var/run/fail2ban/fail2ban.sock" \& jail = "postfix" \& \& .Ve .SH "FAIL2BAN CONFIGURATION" .IX Header "FAIL2BAN CONFIGURATION" To allow mtpolicyd to access fail2ban you must make sure fail2ban can write to the fail2ban unix socket. .PP .Vb 2 \& chgrp mtpolicyd /var/run/fail2ban/fail2ban.sock \& chmod g+rwx /var/run/fail2ban/fail2ban.sock .Ve .PP You may want to add this to the fail2ban startup script. .PP You may want to use the predefined postfix jail. To activate it create /etc/fail2ban/jail.local and enable the postfix fail by setting enabled=true. .PP .Vb 2 \& [postfix] \& enabled = true .Ve .SH "AUTHOR" .IX Header "AUTHOR" Markus Benning .SH "COPYRIGHT AND LICENSE" .IX Header "COPYRIGHT AND LICENSE" This software is Copyright (c) 2014 by Markus Benning . .PP This is free software, licensed under: .PP .Vb 1 \& The GNU General Public License, Version 2, June 1991 .Ve