Difference between revisions of "HOWTO fail2ban with qpopper"

From Fail2ban
Jump to navigationJump to search
(New page: Configuration for qpopper pop3 daemon is done through the following: (this setup was for openSUSE 10.2) Make an entry into your jail.conf file for qpopper: <nowiki>[qpopper] enabled =...)
 
Line 6: Line 6:
 
   
 
   
 
enabled  = true
 
enabled  = true
 +
 
port    = pop3
 
port    = pop3
 +
 
filter  = qpopperlogin
 
filter  = qpopperlogin
 +
 
action  = iptables[name=%(__name__)s, port=%(port)s]
 
action  = iptables[name=%(__name__)s, port=%(port)s]
 +
 
           sendmail-whois[name=qpopper, dest=you@mail.com]
 
           sendmail-whois[name=qpopper, dest=you@mail.com]
 +
 
logpath  = /var/log/mail
 
logpath  = /var/log/mail
 +
 
maxretry = 5</nowiki>
 
maxretry = 5</nowiki>
  

Revision as of 13:39, 16 October 2007

Configuration for qpopper pop3 daemon is done through the following: (this setup was for openSUSE 10.2)

Make an entry into your jail.conf file for qpopper:

[qpopper] enabled = true port = pop3 filter = qpopperlogin action = iptables[name=%(__name__)s, port=%(port)s] sendmail-whois[name=qpopper, dest=you@mail.com] logpath = /var/log/mail maxretry = 5

Then create a file in action.d directory called qpopperlogin.conf (this failregex statement was sent to the fail2safe mail list by Sven Neukirchner.

[Definition]

failregex = popper\[[0-9]+\]: \[AUTH\] Failed attempted login to \S+ from host (\S+) <HOST>(?: \[pop_pass\.c.*\])?$

ignoreregex =

Retrieved from "http://wiki.fail2ban.org/wiki/index.php?title=HOWTO_fail2ban_with_qpopper&oldid=2079"