mirror of https://github.com/fail2ban/fail2ban
Merge pull request #901 from leeclemens/ENH/PostfixRBL
Create Jail for Postfix based on RBLpull/915/head
commit
c7edd9e67f
|
@ -25,6 +25,8 @@ ver. 0.9.2 (2014/XX/XXX) - wanna-be-released
|
|||
* fail2ban/__init__.py - add strptime thread safety hack-around
|
||||
|
||||
- New Features:
|
||||
- New filter:
|
||||
- postfix-rbl Thanks Lee Clemens
|
||||
- New interpolation feature for config readers - `%(known/parameter)s`.
|
||||
(means last known option with name `parameter`). This interpolation makes
|
||||
possible to extend a stock filter or jail regexp in .local file
|
||||
|
|
|
@ -0,0 +1,19 @@
|
|||
# Fail2Ban filter for Postfix's RBL based Blocked hosts
|
||||
#
|
||||
#
|
||||
|
||||
[INCLUDES]
|
||||
|
||||
# Read common prefixes. If any customizations available -- read them from
|
||||
# common.local
|
||||
before = common.conf
|
||||
|
||||
[Definition]
|
||||
|
||||
_daemon = postfix/smtpd
|
||||
|
||||
failregex = ^%(__prefix_line)sNOQUEUE: reject: RCPT from \S+\[<HOST>\]: 454 4\.7\.1 Service unavailable; Client host \[\S+\] blocked using .* from=<\S*> to=<\S+> proto=ESMTP helo=<\S*>$
|
||||
|
||||
ignoreregex =
|
||||
|
||||
# Author: Lee Clemens
|
|
@ -465,6 +465,13 @@ port = smtp,465,submission
|
|||
logpath = %(postfix_log)s
|
||||
|
||||
|
||||
[postfix-rbl]
|
||||
|
||||
port = smtp,465,submission
|
||||
logpath = %(syslog_mail)s
|
||||
maxretry = 1
|
||||
|
||||
|
||||
[sendmail-auth]
|
||||
|
||||
port = submission,465,smtp
|
||||
|
|
|
@ -0,0 +1,2 @@
|
|||
# failJSON: { "time": "2004-12-30T18:19:15", "match": true , "host": "93.184.216.34" }
|
||||
Dec 30 18:19:15 xxx postfix/smtpd[1574]: NOQUEUE: reject: RCPT from badguy.example.com[93.184.216.34]: 454 4.7.1 Service unavailable; Client host [93.184.216.34] blocked using rbl.example.com; http://www.example.com/query?ip=93.184.216.34; from=<spammer@example.com> to=<goodguy@example.com> proto=ESMTP helo=<badguy.example.com>
|
Loading…
Reference in New Issue