table of contents
Mail::MtPolicyd::Plugin::Fail2Ban(3pm) | User Contributed Perl Documentation | Mail::MtPolicyd::Plugin::Fail2Ban(3pm) |
NAME¶
Mail::MtPolicyd::Plugin::Fail2Ban - mtpolicyd plugin to block an address with fail2banVERSION¶
version 2.02DESCRIPTION¶
This plugin can be used to block an ip with iptable thru the fail2ban daemon.For more information abount fail2ban read:
This plugin will directly talk to the daemon thru the unix domain socket and execute an banip command:
set <JAIL> banip <IP>
PARAMETERS¶
- socket (default: /var/run/fail2ban/fail2ban.sock)
- Path to the fail2ban unix socket.
Make sure mtpolicyd is allowed to write to this socket!
- jail (default: postfix)
- The jail in which the ip should be banned.
EXAMPLE¶
Execute a ban on all client-ips which send a mail with a score of >=15:<Plugin ScoreBan> module = "ScoreAction" threshold = 15 <Plugin ban-ip> module = "Fail2Ban" socket = "/var/run/fail2ban/fail2ban.sock" jail = "postfix" </Plugin> </Plugin>
FAIL2BAN CONFIGURATION¶
To allow mtpolicyd to access fail2ban you must make sure fail2ban can write to the fail2ban unix socket.chgrp mtpolicyd /var/run/fail2ban/fail2ban.sock chmod g+rwx /var/run/fail2ban/fail2ban.sock
You may want to add this to the fail2ban startup script.
You may want to use the predefined postfix jail. To activate it create /etc/fail2ban/jail.local and enable the postfix fail by setting enabled=true.
[postfix] enabled = true
AUTHOR¶
Markus Benning <ich@markusbenning.de>COPYRIGHT AND LICENSE¶
This software is Copyright (c) 2014 by Markus Benning <ich@markusbenning.de>.This is free software, licensed under:
The GNU General Public License, Version 2, June 1991
2017-01-13 | perl v5.24.1 |