| 3 |
- |
1 |
# Fail2Ban filter for selected Postfix SMTP rejections
|
|
|
2 |
#
|
|
|
3 |
#
|
|
|
4 |
|
|
|
5 |
[INCLUDES]
|
|
|
6 |
|
|
|
7 |
# Read common prefixes. If any customizations available -- read them from
|
|
|
8 |
# common.local
|
|
|
9 |
before = common.conf
|
|
|
10 |
|
|
|
11 |
[Definition]
|
|
|
12 |
|
| 33 |
- |
13 |
_daemon = postfix/(submission/)?smtp(d|s)
|
| 3 |
- |
14 |
|
|
|
15 |
failregex = ^%(__prefix_line)sNOQUEUE: reject: RCPT from \S+\[<HOST>\]: 554 5\.7\.1 .*$
|
| 33 |
- |
16 |
^%(__prefix_line)sNOQUEUE: reject: RCPT from \S+\[<HOST>\]: 450 4\.7\.1 Client host rejected: cannot find your hostname, (\[\S*\]); from=<\S*> to=<\S+> proto=ESMTP helo=<\S*>$
|
| 3 |
- |
17 |
^%(__prefix_line)sNOQUEUE: reject: RCPT from \S+\[<HOST>\]: 450 4\.7\.1 : Helo command rejected: Host not found; from=<> to=<> proto=ESMTP helo= *$
|
|
|
18 |
^%(__prefix_line)sNOQUEUE: reject: VRFY from \S+\[<HOST>\]: 550 5\.1\.1 .*$
|
| 6 |
- |
19 |
^%(__prefix_line)simproper command pipelining after \S+ from [^[]*\[<HOST>\]:?$
|
| 3 |
- |
20 |
|
|
|
21 |
ignoreregex =
|
|
|
22 |
|
| 33 |
- |
23 |
[Init]
|
|
|
24 |
|
|
|
25 |
journalmatch = _SYSTEMD_UNIT=postfix.service
|
|
|
26 |
|
| 3 |
- |
27 |
# Author: Cyril Jaquier
|