diff --git a/etc/fail2ban/jail.d/dovecot.conf b/etc/fail2ban/jail.d/dovecot.conf index 05bcaff..33fb259 100644 --- a/etc/fail2ban/jail.d/dovecot.conf +++ b/etc/fail2ban/jail.d/dovecot.conf @@ -2,4 +2,4 @@ enabled = true port = imap2,imap3,imaps,pop3,pop3s filter = dovecot -logpath = /var/log/mail.log tail + diff --git a/etc/fail2ban/jail.d/exim-hard.conf b/etc/fail2ban/jail.d/exim-hard.conf index d08e056..96ea9c2 100644 --- a/etc/fail2ban/jail.d/exim-hard.conf +++ b/etc/fail2ban/jail.d/exim-hard.conf @@ -2,6 +2,7 @@ enabled = true port = smtp,ssmtp,imap2,imap3,imaps,pop3,pop3s,submission filter = exim-hard +backend = auto logpath = /var/log/exim4/rejectlog tail maxretry = 1 bantime = 86400 diff --git a/etc/fail2ban/jail.d/exim-ratelimit.conf b/etc/fail2ban/jail.d/exim-ratelimit.conf index b7f3ea6..c6005b3 100644 --- a/etc/fail2ban/jail.d/exim-ratelimit.conf +++ b/etc/fail2ban/jail.d/exim-ratelimit.conf @@ -3,6 +3,7 @@ enabled = true port = smtp,ssmtp,imap2,imap3,imaps,pop3,pop3s,submission filter = exim-ratelimit action = mail-ratelimit +backend = auto logpath = /var/log/exim4/rejectlog tail maxretry = 1 findtime = 60 diff --git a/etc/fail2ban/jail.d/exim.conf b/etc/fail2ban/jail.d/exim.conf index 8576b11..a4f981b 100644 --- a/etc/fail2ban/jail.d/exim.conf +++ b/etc/fail2ban/jail.d/exim.conf @@ -2,4 +2,5 @@ enabled = true port = smtp,465,submission filter = exim +backend = auto logpath = /var/log/exim4/rejectlog tail diff --git a/install.sh b/install.sh index e8ad2d6..f0514fa 100755 --- a/install.sh +++ b/install.sh @@ -129,7 +129,7 @@ install --owner=Debian-exim --group=Debian-exim --mode=640 /dev/null /etc/exim4/ cp etc/exim4/* /etc/exim4/ if [ $os_codename = jammy ]; then cp /etc/exim4/exim4-jammy.conf /etc/exim4/exim4.conf -elif [ $os_codename != bookworm ]; then +elif [ $os_codename = bookworm ]; then cp /etc/exim4/exim4-bookworm.conf /etc/exim4/exim4.conf else echo "WARNING: Unexpected OS codename. This should never happen due to previous checks." @@ -217,6 +217,12 @@ fi if [[ -d /etc/fail2ban/ ]]; then chmod 644 etc/fail2ban/*/*.conf cp -a etc/fail2ban/* /etc/fail2ban/ + if [ $os_codename = bookworm ]; then + echo "backend = systemd" >> /etc/fail2ban/jail.d/dovecot.conf + elif [ $os_codename = jammy ]; then + echo "backend = auto" >> /etc/fail2ban/jail.d/dovecot.conf + echo "logpath = /var/log/mail.log tail" >> /etc/fail2ban/jail.d/dovecot.conf + fi else echo echo "fail2ban not installed, skipping fail2ban email configs."