Re: [exim] Stopping Bruteforceattacks

Top Page
This message is part of the following thread:
M-+-\the complete thread tree sorted by date
M\M\MPhil Pennock at <-
MMMMCyborg at ->
Delete this message
Reply to this message
Author: Peter Velan
Date:  
To: exim-users
Subject: Re: [exim] Stopping Bruteforceattacks
am 25.07.2012 12:30 schrieb Chris Knadle:
> On Wednesday, July 25, 2012 04:44:32, Mihamina Rakotomandimby wrote:
>> If me, I'd filter at IP level, based on some reject log information.
>> That's the job of fail2ban, but I dont know if it parses Exim logs.
>
> By default fail2ban doesn't scan Exim logs, but what logs are scanned is
> customizable; for instance something like the following added to fail2ban's
> jail.conf:
>
> -----------------------
>
> #
> # Exim4 email MTA
> #
>
> [exim4]
>
> enabled = true
> port = smtp
> filter = exim4
> logpath = /var/log/exim4/mainlog
> bantime = 28800
> maxretry = 3

I'm using daily mainlogs á la "mainlog-20120726". What would be an
elegant way to configure fail2ban in this case?

Gruß Peter

This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] Stopping BruteforceattacksRe: [exim] Stopping Bruteforceattacks->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)