From eba66bcb25a6b0a3cf1eb134c4f932db4e50595a Mon Sep 17 00:00:00 2001
From: Peter Palfrader
Date: Fri, 12 Oct 2018 11:11:52 +0200
Subject: [PATCH] do fail2ban on postfix AUTH attempts on lists.d.o
---
modules/fail2ban/files/filter/dsa-postfix.conf | 7 +++++++
modules/fail2ban/files/jail/dsa-postfix.conf | 7 +++++++
modules/fail2ban/manifests/postfix.pp | 10 ++++++++++
modules/postfix/manifests/init.pp | 2 ++
4 files changed, 26 insertions(+)
create mode 100644 modules/fail2ban/files/filter/dsa-postfix.conf
create mode 100644 modules/fail2ban/files/jail/dsa-postfix.conf
create mode 100644 modules/fail2ban/manifests/postfix.pp
diff --git a/modules/fail2ban/files/filter/dsa-postfix.conf b/modules/fail2ban/files/filter/dsa-postfix.conf
new file mode 100644
index 000000000..b3868868e
--- /dev/null
+++ b/modules/fail2ban/files/filter/dsa-postfix.conf
@@ -0,0 +1,7 @@
+#
+
+[INCLUDES]
+before = common.conf
+
+[Definition]
+failregex = ^%(__prefix_line)slost connection after AUTH from \S+\[\]$
diff --git a/modules/fail2ban/files/jail/dsa-postfix.conf b/modules/fail2ban/files/jail/dsa-postfix.conf
new file mode 100644
index 000000000..354f8de13
--- /dev/null
+++ b/modules/fail2ban/files/jail/dsa-postfix.conf
@@ -0,0 +1,7 @@
+[dsa-postfix]
+enabled = true
+filter = dsa-postfix
+port = smtp,ssmtp
+logpath = /var/log/mail.log
+maxretry = 4
+bantime = 3600
diff --git a/modules/fail2ban/manifests/postfix.pp b/modules/fail2ban/manifests/postfix.pp
new file mode 100644
index 000000000..4b545660d
--- /dev/null
+++ b/modules/fail2ban/manifests/postfix.pp
@@ -0,0 +1,10 @@
+class fail2ban::postfix inherits fail2ban {
+ file { '/etc/fail2ban/filter.d/dsa-postfix.conf':
+ source => 'puppet:///modules/fail2ban/filter/dsa-postfix.conf',
+ notify => Service['fail2ban'],
+ }
+ file { '/etc/fail2ban/jail.d/dsa-postfix.conf':
+ source => 'puppet:///modules/fail2ban/jail/dsa-postfix.conf',
+ notify => Service['fail2ban'],
+ }
+}
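Review bot: The `failregex` as it appears on this page has nothing between `\[` and `\]`, so there is no host capture for fail2ban to act on; a filter needs `<HOST>` (or an equivalent named group) to know which address to count and ban. If the tag was only lost when the page was rendered nothing needs to change, otherwise the line should read `failregex = ^%(__prefix_line)slost connection after AUTH from \S+\[<HOST>\]$`. Separately, `_daemon` is not set in `[Definition]`, so `__prefix_line` uses whatever common.conf defaults to and may accept lines from daemons other than postfix's smtpd; pinning it would narrow the match. The leading `#` comment is empty and could state that the filter matches clients that drop the session after starting AUTH, which can also include legitimate aborted logins.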
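Review bot: `port = smtp,ssmtp` leaves the submission port out, so if this host also offers AUTH on 587 (not visible in this patch) a banned address can keep trying there; `port = smtp,ssmtp,submission` would cover it. `findtime` and `ignoreip` are not set, so the counting window and any allow-list come from the site's fail2ban defaults; stating `findtime` next to `maxretry` would make the policy readable in one place. A short comment such as `# ban for 1h after 4 dropped AUTH sessions` above `maxretry` would document the intent.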
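Review bot: Neither `file` resource pins `owner`, `group` or `mode`, so the permissions of the files that decide which addresses get banned depend on Puppet's defaults or on resource defaults declared elsewhere, which this patch does not show. If no site-wide `File` default exists, add `owner => 'root', group => 'root', mode => '0444',` to both resources. The class also has no header comment; one line saying that it installs the dsa-postfix filter and jail and restarts fail2ban when either changes would help the next reader.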
diff --git a/modules/postfix/manifests/init.pp b/modules/postfix/manifests/init.pp
index 67cb8d77e..8c1d2b226 100644
--- a/modules/postfix/manifests/init.pp
+++ b/modules/postfix/manifests/init.pp
@@ -28,6 +28,8 @@ class postfix {
 order => '000',
 content => template('postfix/main.cf-header.erb')
 }
+ } else {
+ include fail2ban::postfix
 }
 
 exec { 'service postfix reload':
--
2.20.1
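Review bot: `include fail2ban::postfix` is placed in the `else` of a condition that lies outside this hunk, so the set of hosts that get the jail is whatever fails that test, while the subject line names only lists.d.o. If more than one host can reach this branch, all of them start banning on dropped SMTP AUTH sessions; a comment above the include, e.g. `# hosts taking this branch (lists.d.o): ban repeated dropped SMTP AUTH sessions`, would make the intended scope explicit. The `class postfix` body starts before and continues past the hunk.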