2013-10-30 13:02:59 +00:00
|
|
|
# Fail2Ban filter for selected Postfix SMTP rejections
|
2006-09-06 19:34:03 +00:00
|
|
|
#
|
|
|
|
#
|
|
|
|
|
2013-07-20 14:31:21 +00:00
|
|
|
[INCLUDES]
|
|
|
|
|
|
|
|
# Read common prefixes. If any customizations available -- read them from
|
|
|
|
# common.local
|
|
|
|
before = common.conf
|
|
|
|
|
2006-09-06 19:34:03 +00:00
|
|
|
[Definition]
|
|
|
|
|
2016-02-23 19:23:04 +00:00
|
|
|
_daemon = postfix(-\w+)?/(submission/)?smtp(d|s)
|
2013-07-20 14:31:21 +00:00
|
|
|
|
|
|
|
failregex = ^%(__prefix_line)sNOQUEUE: reject: RCPT from \S+\[<HOST>\]: 554 5\.7\.1 .*$
|
2014-12-30 23:05:19 +00:00
|
|
|
^%(__prefix_line)sNOQUEUE: reject: RCPT from \S+\[<HOST>\]: 450 4\.7\.1 Client host rejected: cannot find your hostname, (\[\S*\]); from=<\S*> to=<\S+> proto=ESMTP helo=<\S*>$
|
2013-07-20 14:31:21 +00:00
|
|
|
^%(__prefix_line)sNOQUEUE: reject: RCPT from \S+\[<HOST>\]: 450 4\.7\.1 : Helo command rejected: Host not found; from=<> to=<> proto=ESMTP helo= *$
|
2016-02-08 10:08:10 +00:00
|
|
|
^%(__prefix_line)sNOQUEUE: reject: EHLO from \S+\[<HOST>\]: 504 5\.5\.2 <\S+>: Helo command rejected: need fully-qualified hostname;
|
2013-08-19 08:32:07 +00:00
|
|
|
^%(__prefix_line)sNOQUEUE: reject: VRFY from \S+\[<HOST>\]: 550 5\.1\.1 .*$
|
2015-11-22 10:01:15 +00:00
|
|
|
^%(__prefix_line)sNOQUEUE: reject: RCPT from \S+\[<HOST>\]: 450 4\.1\.8 <\S*>: Sender address rejected: Domain not found; from=<\S*> to=<\S+> proto=ESMTP helo=<\S*>$
|
2014-01-12 19:59:59 +00:00
|
|
|
^%(__prefix_line)simproper command pipelining after \S+ from [^[]*\[<HOST>\]:?$
|
2006-11-12 14:52:36 +00:00
|
|
|
|
2006-11-15 18:44:28 +00:00
|
|
|
ignoreregex =
|
2013-05-09 23:15:07 +00:00
|
|
|
|
|
|
|
[Init]
|
|
|
|
|
|
|
|
journalmatch = _SYSTEMD_UNIT=postfix.service
|
2013-11-02 04:59:05 +00:00
|
|
|
|
2013-10-30 13:02:59 +00:00
|
|
|
# Author: Cyril Jaquier
|