Commit Graph

400 Commits (ffc9fb4aa6e620e7288fe7da4463f64cd5b0adf8)

Author SHA1 Message Date
Andrew James Collett 55e107310f Added config for AbuseIPDB, ony tested on Ubuntu 16.04 2017-01-07 14:24:54 +02:00
sebres 45f1d811c9 Merge branch 'alex1702-1586' 2016-11-28 18:54:02 +01:00
sebres 67c14afd8e ChangeLog entry added + jail.conf review 2016-11-28 18:51:23 +01:00
Serg G. Brester 4f5389fee5 Update jail.conf 2016-11-24 19:30:10 +01:00
Alex 8ac28e5dcb Make changes and add test file 2016-11-10 13:09:32 +01:00
Alex 8c40766511 Add Mongodb-auth filter and jail 2016-11-10 12:48:24 +01:00
sebres 18ebd9ac21 Merge branches 0.10-full and 0.10 2016-08-17 18:00:25 +02:00
sebres 0eea362aa0 Merge branch 'master' into 0.10 2016-08-01 15:10:52 +02:00
Andrii Melnyk b2e3affaa0 adding openldap slapd filter 2016-07-08 04:50:57 +03:00
sebres 12ff119841 Merge branch 'ban-time-incr' into 0.10-full 2016-06-09 22:50:31 +02:00
sebres 39366e703a Merge branch 'master' into 0.10
# Conflicts:
#	fail2ban/server/filter.py
2016-05-31 18:06:18 +02:00
sebres 8ec4e1189e use raw host (don't use textToIp) if usedns exactly `raw`, because `usedns = no` should ignore no ip failures 2016-05-30 15:34:21 +02:00
Alexander Koeppe db9f3f738f add ip6-loopback to default ignoreip statement 2016-05-09 15:32:42 +02:00
sebres d7e7b52013 Merge remote-tracking branch 'remotes/gh-upstream/master' into f2b-perfom-prepare-716 2016-03-07 19:11:36 +01:00
sebres bf0adc1fdf Merge remote-tracking branch 'f2b-perfom-prepare-716-cs' into ban-time-incr (+ conflicts resolved) 2016-03-06 15:12:48 +01:00
sebres 27659c85e6 Merge remote-tracking branch 'master' into f2b-perfom-prepare-716-cs 2016-02-15 21:03:51 +01:00
Yaroslav Halchenko 3f437b32db Merge remote-tracking branch 'pr/1288/head'
* pr/1288/head:
  Update haproxy-http-auth.conf
  Added HAProxy HTTP Auth filter

 Conflicts:
	config/jail.conf - resolved + removed unnecessary filter/enabled (defaults should be as good)
2016-01-28 08:51:45 -05:00
local 40c0bed82c action_mw, action_mwl, action_cf_mwl ignore the "sender" option when sending a notification email.
This commit adds "sender="%(sender)s"" to the three actions to correct this issue.
2016-01-10 00:05:03 +01:00
Yaroslav Halchenko 5d0d96a5cb Merge pull request #1286 from yarikoptic/enh-jail
ENH: harmonize jail.conf + 1 more test that passed bantime is non-degenerate and int
2016-01-08 08:51:08 -05:00
Jordan Moeser e133762a28 Added HAProxy HTTP Auth filter 2015-12-31 11:16:23 +10:00
sebres cf334421bd Provides fail2ban version to jail (as interpolation variable during parse of jail.conf);
BF: use `fail2ban_agent` as user-agent in actions badips, blocklist_de, etc. (closes #1271, closes #1272)
2015-12-31 01:38:25 +01:00
Yaroslav Halchenko 28c9832293 RF: harmonize jail.conf (no explicit enabled=false in jails, match filter name for screesharingd, etc) 2015-12-29 19:43:52 -05:00
Yaroslav Halchenko 69aa1feac0 Merge "Mac OS Screen Sharing filter" PR 1232
* pr/1232/head:
  removed system.log
  Removed old svn revision comment
  removed false matches
  Removed includes comment for screensharing jail
  Now using a literal logpath for screensharing jail
  Fixed blatant typo in regex
  clarified comments on sample log format
  Fixed name (again?)
  Made screensharing jail off by default
  Changed regex prequel
  added entry for new screensharingd filter
  name change & new sample data
  Added json metadata
  Sample log for test case
  Replaced .* with literal
  Update jail.conf
  Added new path variable for system.log
  Added in settings for screensharingd filter
  Created file

Conflicts:
	ChangeLog - moved to New Features
	config/jail.conf  - kept at the end
2015-12-29 19:36:59 -05:00
sebres 21f058a9f7 Merge remote-tracking branch 'remotes/gh-origin/f2b-perfom-prepare-716' into ban-time-incr 2015-12-29 14:04:41 +01:00
sebres d22b2498d4 normalizing time config entries: use time abbreviation (str2seconds) for all time options such 'dbpurgeage', 'bantime', 'findtime', ex.: default '1d' instead '86400';
code review and test case extended;
2015-12-29 12:49:10 +01:00
Ross Brown 106c3eab9a Added filter and jail for murmur/mumble-server. 2015-11-29 15:56:56 +00:00
Orion Poplawski c656cb0d36 Merge branch 'master' into journaldefault
Conflicts:
	ChangeLog
2015-11-13 15:22:59 -07:00
Orion Poplawski ba76f4ca2f Fix typo 2015-11-02 15:21:14 -07:00
sebres f359ed8c36 Fixed directly defined banaction for allports jails like pam-generic, recidive, etc with new default variable `banaction_allports` (+ man entries for both variables added);
closes gh-1216
2015-10-30 15:36:18 +01:00
Simon Brown 5839a3bd80 Removed includes comment for screensharing jail 2015-10-29 16:07:54 -07:00
sebres 6884593ab8 New filter `nginx-limit-req` ban hosts, that were failed through nginx by limit request processing rate (ngx_http_limit_req_module) 2015-10-29 23:15:20 +01:00
Orion Poplawski 0661aece46 Merge branch 'master' into journaldefault
Conflicts:
	ChangeLog
2015-10-29 15:22:37 -06:00
Simon Brown 65bc5cf6ba Now using a literal logpath for screensharing jail 2015-10-29 09:03:01 -07:00
Simon Brown acee68a9ee Made screensharing jail off by default
Also added note about requiring paths-osx.conf.
2015-10-28 15:11:11 -07:00
Simon Brown d17d837b8c Update jail.conf
Added logencoding to screensharing jail to avoid encoding error messages in fail2ban log
2015-10-27 10:28:07 -07:00
Simon Brown 80546c6164 Added in settings for screensharingd filter 2015-10-26 17:50:49 -07:00
1technophile 2861a957a9 filter for openhab domotic software authentication failure with the rest api and web interface + test cases;
closes gh-1223
2015-10-26 15:48:23 +01:00
Orion Poplawski ced7be94b2 Fix postfix_log typo 2015-10-19 19:43:10 -06:00
Orion Poplawski 75d33c0f09 Add *_backend options for services to allow distros to set the default backend
per service.
Set default to systemd for Fedora as appropriate.
2015-10-18 20:18:50 -06:00
Yaroslav Halchenko 8cf614e221 ENH: allow to split ignoreip by space and/or comma (Closes #1197)
Way too many people ran into this gotcha, so lets just do it
2015-09-23 12:13:52 -04:00
weberho d278fbca30 Fixed line suspected to be faulty 2015-08-26 14:48:55 +02:00
Yaroslav Halchenko 7a011fca1b DOC: adjusted comment in pass2allow-ftp to my suggested wording 2015-07-16 21:55:20 -04:00
Viktor Szépe 948b12e5df Fixed definition of knocking_url for pass2allow 2015-07-14 18:35:51 +02:00
Viktor Szépe b638e807ad Explicitly stating that knocking_url needs to be customized 2015-07-13 18:12:04 +02:00
Viktor Szépe 586703dcc2 Test, changelog and fixes to pass2allow 2015-07-13 16:46:04 +02:00
sebres 386da502ba Merge remote-tracking branch 'master' into 'ban-time-incr' 2015-07-13 16:19:33 +02:00
Viktor Szépe 5b7e1de2f4 Instead of allow-iptables-multiport actions swap blocktype and (new) returntype 2015-07-11 18:20:09 +02:00
Viktor Szépe 5d60700c0c Added pass2allow (knocking with fail2ban) 2015-07-10 16:22:43 +02:00
Lee Clemens 2796534a5d Update regex to work with roundcube 1.0.5 on CentOS 6 2015-07-04 11:02:04 -04:00
Viktor Szépe 79457112e9 Updated CF action 2015-07-01 09:38:36 +02:00
Yaroslav Halchenko 8c4d4aa7fb minor: no tripple empty lines 2015-05-25 10:42:19 -04:00
Joern Muehlencord 4296d1a9a9 add froxlor-auth filter and jail 2015-05-25 13:51:06 +02:00
Lee Clemens 8f792f52fb Add drupal-auth filter and jail 2015-04-27 13:10:27 -04:00
Yaroslav Halchenko d28880fdca Merge pull request #997 from yarikoptic/bf/long-purge-for-recidive
DOC: make a warning for recidive jail to increase dbpurgeage (Closes #964)
2015-03-23 21:30:04 -04:00
Yaroslav Halchenko 02836b599c Added a comment about systemd backend for jails with logs outside of journal (Closes #959) 2015-03-21 21:25:50 -04:00
Yaroslav Halchenko 320a28a4a4 DOC: make a warning for recidive jail to increase dbpurgeage (Closes #964) 2015-03-21 20:50:03 -04:00
František Šumšal eb0d086ed0 Merge branch 'master' into nginx-botsearch 2015-02-04 02:13:33 +01:00
František Šumšal 1c6d2074fb Changed default settings for nginx-botseach filter 2015-02-04 01:48:59 +01:00
Lee Clemens 854915920f Remove implementation specific suffix 2015-02-02 11:38:23 -05:00
Lee Clemens af078532ac New jail: apache-fakegooglebot
Detects fake googlebot user agents in apache access log
2015-02-02 00:42:01 -05:00
František Šumšal c8e82f18b6 Add jail nginx-botsearch
Jail blocks requests for predefined non-existent folders. Based on
apache-botsearch jail.
2015-01-29 17:57:52 +01:00
Yaroslav Halchenko 65980a70fc Merge branch 'enh/recidive-allports' of https://github.com/yarikoptic/fail2ban
* 'enh/recidive-allports' of https://github.com/yarikoptic/fail2ban:
  use iptables-allports for recidive

Conflicts:
	ChangeLog
2015-01-26 09:04:42 -05:00
sebres 12e3cca3f2 port[s] typo fixed in jail.conf/nginx-http-auth, issue gh-913 2015-01-19 10:28:53 +01:00
Lee Clemens fe72a5585c Create Jail for Postfix based on RBL
Use RBL blocks to ban addresses, unique Jail so maxretry can be set to 1 (vs postfix.conf)
2014-12-30 19:06:17 -05:00
sebres 5dc1a583b4 Merge remote-tracking branch 'remotes/upstream/master' into sebres:ban-time-incr
Conflicts:
	fail2ban/server/actions.py
	fail2ban/server/database.py
	fail2ban/tests/databasetestcase.py
	fail2ban/tests/servertestcase.py
2014-12-01 13:57:51 +01:00
Orion Poplawski d8867807f5 Separate php-url-fopen logpath by newline 2014-11-28 22:04:09 -07:00
Yaroslav Halchenko 2a3790f8e8 use iptables-allports for recidive 2014-11-04 13:24:54 -05:00
Yaroslav Halchenko 36abb5ed96 BF: fix $ for % in jail.conf. Debian bug #767255 2014-10-29 13:08:51 -04:00
sebres 361c220846 Merge remote-tracking branch 'remotes/upstream/master' into sebres:ban-time-incr;
normalize code to python >= 2.6;
2014-10-25 19:05:53 +02:00
pacop e3a037ee3f merge master 2014-10-25 18:15:34 +02:00
sebres 293a5066d2 normalizing time config entries: use time abbreviation (str2seconds) for all time options such 'dbpurgeage', 'bantime', 'findtime', ex.: default '1d' instead '86400';
code review and test case extended;
2014-10-24 01:32:04 +02:00
sebres 20e6989c73 Merge 'upstream/master' into ban-time-incr:
Merge remote-tracking branch 'sebres:cache-config-read-820' into ban-time-incr:
config cache optimized - prevent to read the same config file inside different resources multiple times;
test case: read jail file only once;
+ optimized merge: use OrderedDict.update instead of merge in cycle;
2014-10-08 16:37:07 +02:00
pacop ce4f2d1c88 added filter for PortSentry with jail and samples 2014-10-04 15:08:12 +02:00
SlowRiot fc5f729f01 adding jail conf for shellshock filter 2014-09-26 16:37:50 +01:00
sebres 930678cc0e Merge remote-tracking branch 'remotes/upstream/master' into ban-time-incr 2014-09-16 13:53:15 +02:00
sebres 62c755c1d5 Merge remote-tracking branch 'upstream/master' into ban-time-incr
Conflicts resolved:
	fail2ban/server/database.py
	fail2ban/tests/servertestcase.py
delBan modified (if manually unban):
	delete from "bips" also (bad ips)
	delete all tickets of this ip, also if currently not banned
2014-08-15 11:39:55 +02:00
Orion Poplawski 6b554fbe98 Fxi jail.conf to use more syslog macros 2014-08-08 13:27:32 -06:00
Yaroslav Halchenko f19c5fc939 Merge pull request #770 from eltrai/master
Forwards bantime to action scripts
2014-07-28 10:17:08 -04:00
Yaroslav Halchenko 2d7f2fa33f Merge pull request #756 from marclaporte/patch-1
typo
2014-07-27 21:49:24 -04:00
Yaroslav Halchenko 45c1095606 Merge pull request #750 from niorg/master
Added Directadmin filter, jail and log test
2014-07-27 21:47:07 -04:00
Pierre-Alain Dupont 3d7504c19e Forwards bantime to action scripts
That way, ipset and afctl will use a real timeout and not default to a fixed value for all jails
2014-07-20 16:25:59 +02:00
Yaroslav Halchenko 43950d8b7e BF: fix path to the exim log on Debian systems (/var/log/exim4) 2014-07-08 11:09:25 -04:00
Marc Laporte 3777591ab0 typo 2014-07-05 11:55:57 -04:00
Cyril Roos add8e61036 Added Directadmin filter, jail and log test 2014-07-02 13:52:06 +02:00
sebres ccf2521a6d Merge branch 'master' of https://github.com/fail2ban/fail2ban into ban-time-incr;
Conflicts in ChangeLog resolved;
obsolete imports removed;
2014-06-19 17:40:00 +02:00
JoelSnyder 70ed93d8cc Update jail.conf for oracleims filter.
This is the jail.conf update.  Hopefully this will go into pull request #734.
2014-06-09 18:37:31 -07:00
sebres 681bc2ef07 observer functionality introduced (asynchronous events in separate service thread);
ban time increment feature nearly completely moved into observer;
purge database will be called hourly in observer;
bug fixing and code review;
2014-06-06 18:44:59 +02:00
sebres 8fd083a1ea Merge remote-tracking branch 'remotes/kwirk/sebres-strptime-bug' into ban-time-incr 2014-05-15 17:12:11 +02:00
sebres 0121e09907 default formula faster and more readable, comparable with "multipliers", like 2**N, default factor for both solutions is 1 now 2014-05-07 13:28:04 +02:00
sebres c48e404e63 option "multipliers" added, how proposed from @yarikoptic;
the calculate formula is rewritten to lambda / compiled solution (up to 10 million times per seconds);
code review;
2014-05-06 16:07:16 +02:00
sebres ccf07c4b21 - some bug fixed to pass all test cases;
- database_v1.db/bans/jail-name bug fixed - cause of different jail name in jails and bans, in test case (by updateDb): FOREIGN KEY constraint failed:
  $ sqlite3 fail2ban/tests/files/database_v1.db
  sqlite> select distinct jail from bans;
  DummyJail #16244880 with 0 tickets
  sqlite> select distinct name from jails;
  DummyJail #29162448 with 0 tickets
  sqlite> update bans set jail = (select distinct name from jails);
2014-05-05 14:47:50 +02:00
sebres 6f7c9b7d0f introduced new feature "ban time exponential increasing":
"bantimeextra.enabled" in jail.conf allows to use database for searching of previously banned ip's to increase a default ban time using special formula,
   by default, each next ban it will be original banTime * 1, 2, 4, 8, 16, 32...
see "jail.conf" for some other options of "bantimeextra";
additional we can configure a little randomization of ban time, to prevent "clever" botnets calculate exact time IP can be unbanned.
WARNING: by first start the server upgrades sqlite database (table "bans" will recreated with another schema);
2014-05-05 12:38:54 +02:00
Jason Martin 7d112430ca Block brute-force attempts against the Monit gui 2014-04-16 21:21:41 -07:00
Ruben Kerkhof 1695d5c076 Fix a few typos
Found with https://github.com/lucasdemarchi/codespell

Signed-off-by: Ruben Kerkhof <ruben@rubenkerkhof.com>
2014-03-24 13:16:52 +00:00
Manuel Rüger 5a1ad75114 Fix typo in comment 2014-03-18 03:07:19 +01:00
Daniel Black aa7e8fb9ce DOC: Credits. close gh-644 2014-03-14 22:30:44 +11:00
Daniel Black 415f187644 ENH: sendmail-reject for all smtp ports. 2014-03-14 07:12:12 +11:00
Steven Hiscocks a78a9d282c DOC: Document that badips.py action should be last action for jail 2014-03-13 20:04:30 +00:00
Steven Hiscocks 0222ff4677 Merge branch 'badips-blacklist' into 0.9
Conflicts:
	ChangeLog
        - entires added in both branches.

Change:
        config/action.d/badips.py
        - jail.getName() changed to jail.name
2014-03-13 20:01:15 +00:00
Steven Hiscocks 0c63d0061a DOC: Add documentation for badips.py action 2014-03-13 19:58:32 +00:00
Daniel Black df882feb16 ENH: expand sendmail-reject jail to 465,submission 2014-03-13 07:44:02 +11:00
Daniel Black ef29d7bd29 ENH: paths-{common,distro} normalisation 2014-03-12 20:32:41 +11:00
Daniel Black 666fd5eceb ENH: purge excessive jail variations 2014-03-02 16:11:53 +11:00
Daniel Black 69f5baae36 ENH: jail.conf to use syslog_mail 2014-03-02 15:18:41 +11:00
Daniel Black 2d45becb0e Merge branch '0.9' into distro-paths-gh-315 2014-03-02 15:17:21 +11:00
Daniel Black cc8ec826c5 MRG: from master 2014-03-02 2014-03-02 14:33:45 +11:00
Daniel Black c10cc20928 ENH: rename sendmail-spam to sendmail-reject 2014-02-28 08:41:04 +11:00
Daniel Black fe1725c603 BF: add jail.conf definitions for sendmail* filters 2014-02-26 19:31:09 +11:00
Daniel Black 79e6543eca Merge branch '0.9' into distro-paths-gh-315 2014-02-20 08:20:47 +11:00
Daniel Black 83266eb668 ENH: framework for distro paths 2014-02-20 08:20:02 +11:00
Steven Hiscocks f68d85a6ac Merge branch 'master' into 0.9
Conflicts:
	ChangeLog
                Spelling correction of 0.8.13 fixed in master
	config/jail.conf
                Added nagios and duplicate php-url removal in master
                Just nagios added, duplicate not issue in 0.9
2014-02-13 20:14:40 +00:00
Aarón Nieves Fernández 993b7d3dfb Duplicate jail "php-url-fopen" 2014-02-10 21:41:50 +01:00
Ivo Truxa c207ad6058 removing ignoreip at [nagios]
I removed the ignoreip setting from the nagios section. As pointed out, it is redundant here. Nagios server, under normal circumstances should not trigger any access errors, and would be included in the global ignoreips anyway.
2014-02-06 00:27:38 +01:00
Ivo Truxa dac4dd465e ENH: Nagios filter
added typical configuration settings for the nagios filter
2014-02-03 21:51:49 +01:00
Daniel Black 1a1e3bec86 ENH: framework for distro paths 2014-01-25 23:25:54 +11:00
Daniel Black 2063d96e59 MRG: import Lars' PR for tine20 2014-01-22 18:12:19 +11:00
Daniel Black 2333b2d5d9 MRG: from 0.9 2014-01-13 22:17:14 +11:00
Lars Kneschke 47dd8fb897 ENH: filter for Tine 2.0 2014-01-13 06:04:59 +01:00
Daniel Black 1e8ed55a36 MRG: from 0.9 2014-01-12 20:15:34 +11:00
Steven Hiscocks 0dd6533680 BF: Add ejabberd-auth to jail.conf 2014-01-09 23:22:12 +00:00
Daniel Black 8333abe420 Merge pull request #557 from grooverdan/apache-botsearch
ENH: Apache botsearch + BF: tag substition
2014-01-09 14:11:00 -08:00
Daniel Black d94efe719d ENH: jail.conf for counter-strike 2014-01-07 20:50:50 +11:00
Daniel Black 58ebf659e4 MRG: from 0.9 to make history cleaner 2014-01-07 16:07:58 +11:00
Daniel Black 809581ae99 ENH: jail.conf for apache-botsearch 2014-01-07 11:52:21 +11:00
Daniel Black ed9ed6d0cb TST/ENH: fix test case for ReadStockJailFilterComplete and add missing jails 2014-01-07 11:27:54 +11:00
Daniel Black 10fa5e3439 BF: fix jails for gssftpd and qmail 2014-01-07 10:49:11 +11:00
Daniel Black 549f64e86c BF: remove imap2 - not an IANA and probably not used 2014-01-07 10:25:29 +11:00
Daniel Black fa6a183e94 BF: typos in jail.conf corrected 2014-01-07 09:49:27 +11:00
Daniel Black a31c76f126 ENH: jail cleanup and fill in missing for 0.9 2014-01-07 09:34:39 +11:00
Daniel Black 755af0a51e Merge pull request #562 from grooverdan/jail.conf-complete_and_correct
ENH: Jail.conf now has all filters and TST: a mechanism to test this is truee
2014-01-06 12:08:45 -08:00
Daniel Black 90fdf5fc21 ENH: jail.conf entry for groupoffice 2014-01-07 06:55:38 +11:00
Daniel Black 03aba92238 ENH: add kerio filter 2014-01-05 23:41:49 +11:00
Daniel Black a9f804e443 ENH: complete stock jail.conf to contain all filters 2014-01-05 21:03:16 +11:00
Daniel Black d1faae3b3b BF: port not used in jail definition for freeswitch 2014-01-04 08:01:42 +11:00
Daniel Black 04d28fd2e1 ENH: add filter freeswitch - as raised on mailing list 2014-01-03 13:00:37 +11:00
Daniel Black 391b5fc883 MRG: from master again 2014-01-01 2014-01-01 19:28:38 +11:00
Daniel Black 856407379b ENH: add filter openwebmail. Closes gh-543. 2013-12-31 08:09:00 +11:00
Daniel Black c074773805 ENH: apache modsecurity from 0.9 branch 2013-12-29 07:06:13 +00:00
Daniel Black ea2a13946e TST: more test of filters 2013-12-29 05:29:59 +00:00
Daniel Black c9cfdca396 ENH: add filter for apache-modsecurity 2013-12-28 22:28:11 +00:00
Daniel Black ddac79c15c TST: include blank ignorecommand in jail.conf to indicate default value and to raise test coverage 2013-12-25 11:01:31 +00:00
bes.internal ebd89ec077 New ignorecommand that is added to the ignoreip list from output of an external program
ignorecommand update man and fix protocol help

ENH: run ignore command only after internal list has been examined. Change interface on ignorecommand to take IP as environment variable and return true if it is to be banned

ENH: ignore IP command to take tagged command

DOC: man pages for ingorecommand

TST: add test cases for ignorecommand
2013-12-24 23:55:35 +03:00
Daniel Black ed2f46759c MRG: restore accidently deleted pam comment in jail.conf 2013-12-19 09:21:12 +00:00
Daniel Black 7c0efc8ec8 MRG: merge so far - flushLogs not working yet 2013-12-16 15:08:34 +00:00
Steven Hiscocks f742ed0e4b DOC: when to use blocklist.de reporting
Taken from commit 1846056606
2013-12-05 18:06:53 +00:00
Steven Hiscocks e810ec009d ENH: Added blocklist.de reporting API action 2013-12-05 08:22:20 +00:00
Daniel Black 1846056606 DOC: when to use xarf messages to network owner 2013-12-03 20:40:42 +11:00
Daniel Black bfd435091d ENH: jail examples for xarf-login-attack 2013-12-01 20:29:43 +11:00
Daniel Black 04438cd1a1 BF/ENH: mysql jail - rename to mysql-syslog to be consistent with 0.8.13. Add port to syslog defination. Document mysql configuration required for mysql jails 2013-11-30 10:00:59 +11:00
Daniel Black 3f4d179612 BF: smtps not an IANA port - from #447 2013-11-30 09:52:32 +11:00