Difference between revisions of "HOWTO fail2ban with qpopper"
From Fail2ban
Jump to navigationJump to search| Line 1: | Line 1: | ||
Configuration for qpopper pop3 daemon is done through the following: (this setup was for openSUSE 10.2) | Configuration for qpopper pop3 daemon is done through the following: (this setup was for openSUSE 10.2) | ||
| − | Make an entry into your jail.conf file for qpopper: | + | |
| + | == Make an entry into your jail.conf file for qpopper: == | ||
| + | |||
<nowiki>[qpopper] | <nowiki>[qpopper] | ||
| Line 19: | Line 21: | ||
maxretry = 5</nowiki> | maxretry = 5</nowiki> | ||
| − | Then create a file in action.d directory called qpopperlogin.conf (this failregex statement was sent to the fail2safe mail list by Sven Neukirchner. | + | == |
| + | Then create a file in action.d directory called qpopperlogin.conf == | ||
| + | (this failregex statement was sent to the fail2safe mail list by Sven Neukirchner. | ||
[Definition] | [Definition] | ||
Revision as of 14:40, 16 October 2007
Configuration for qpopper pop3 daemon is done through the following: (this setup was for openSUSE 10.2)
Make an entry into your jail.conf file for qpopper:
[qpopper] enabled = true port = pop3 filter = qpopperlogin action = iptables[name=%(__name__)s, port=%(port)s] sendmail-whois[name=qpopper, dest=you@mail.com] logpath = /var/log/mail maxretry = 5
== Then create a file in action.d directory called qpopperlogin.conf == (this failregex statement was sent to the fail2safe mail list by Sven Neukirchner.
[Definition]
failregex = popper\[[0-9]+\]: \[AUTH\] Failed attempted login to \S+ from host (\S+) <HOST>(?: \[pop_pass\.c.*\])?$
ignoreregex =
