Difference between revisions of "HOWTO fail2ban with qpopper"
From Fail2ban
Jump to navigationJump to search| Line 1: | Line 1: | ||
Configuration for qpopper pop3 daemon is done through the following: (this setup was for openSUSE 10.2) | Configuration for qpopper pop3 daemon is done through the following: (this setup was for openSUSE 10.2) | ||
| − | + | * First make an entry into your jail.conf file. | |
| − | First make an entry into your jail.conf file. | ||
| − | |||
[qpopper] | [qpopper] | ||
| Line 14: | Line 12: | ||
maxretry = 5 | maxretry = 5 | ||
| − | Then create a file in action.d directory called qpopperlogin.conf This failregex statement was sent to the fail2safe mail list by Sven Neukirchner. | + | * Then create a file in action.d directory called qpopperlogin.conf This failregex statement was sent to the fail2safe mail list by Sven Neukirchner. |
[Definition] | [Definition] | ||
Revision as of 13:48, 16 October 2007
Configuration for qpopper pop3 daemon is done through the following: (this setup was for openSUSE 10.2)
- First make an entry into your jail.conf file.
[qpopper]
enabled = true
port = pop3
filter = qpopperlogin
action = iptables[name=%(__name__)s, port=%(port)s]
sendmail-whois[name=qpopper, dest=you@mail.com]
logpath = /var/log/mail
maxretry = 5
- Then create a file in action.d directory called qpopperlogin.conf This failregex statement was sent to the fail2safe mail list by Sven Neukirchner.
[Definition] failregex = popper\[[0-9]+\]: \[AUTH\] Failed attempted login to \S+ from host (\S+) <HOST>(?: \[pop_pass\.c.*\])?$ ignoreregex =
That should do it!
