commit 9dab8f4

etc: Add fail2ban filter configuration example

author	Alberto Bertogli <albertito@blitiri.com.ar> 2024-11-17 10:25:58 UTC
committer	Alberto Bertogli <albertito@blitiri.com.ar> 2024-11-17 10:25:58 UTC
parent	41bb7b6f5eb52f18b9fd5d4270234135ebd4ab96

etc: Add fail2ban filter configuration example

This patch adds a fail2ban filter configuration example for chasquid.

It can be used to configure fail2ban to detect IPs causing connection
churn or high rate of errors.

etc/fail2ban/filter.d/chasquid.conf

+11

-0

diff --git a/etc/fail2ban/filter.d/chasquid.conf b/etc/fail2ban/filter.d/chasquid.conf
new file mode 100644
index 0000000..b5c6e2e
--- /dev/null
+++ b/etc/fail2ban/filter.d/chasquid.conf
@@ -0,0 +1,11 @@
+# fail2ban filter config for chasquid SMTP server.
+[INCLUDES]
+before = common.conf
+
+[Definition]
+# Identify addresses that triggered an SMTP connection error.
+failregex = SMTP.Conn <ADDR>:\d+: error:
+
+[Init]
+journalmatch = _SYSTEMD_UNIT=chasquid.service
+