Mailserver absichern (Ubuntu 18.04): Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
| Zeile 13: | Zeile 13: | ||
<pre> | <pre> | ||
sudo vi /etc/fail2ban/jail.d/ | sudo vi /etc/fail2ban/jail.d/mailserver.conf | ||
</pre> | </pre> | ||
| Zeile 19: | Zeile 19: | ||
<pre> | <pre> | ||
[ | [postfix] | ||
enabled | enabled = true | ||
port = smtp,ssmtp,submission | |||
filter = postfix | |||
logpath = /var/log/mail.log | |||
[sasl] | |||
enabled = true | |||
port = smtp,ssmtp,submission,imap2,imap3,imaps,pop3,pop3s | |||
filter = postfix-sasl | |||
# You might consider monitoring /var/log/mail.warn instead if you are | |||
# running postfix since it would provide the same log lines at the | |||
# "warn" level but overall at the smaller filesize. | |||
logpath = /var/log/mail.log | |||
</pre> | </pre> | ||
=== Links === | |||
[https://wiki.dovecot.org/HowTo/Fail2Ban https://wiki.dovecot.org/HowTo/Fail2Ban] | |||
[https://forum.howtoforge.de/threads/fail2ban-postfix-sasl-conf.9731/ https://forum.howtoforge.de/threads/fail2ban-postfix-sasl-conf.9731/] | |||
Zurück zu [[Mailserver_einrichten_(Ubuntu_18.04)#Einrichtung|Mailserver einrichten]] | Zurück zu [[Mailserver_einrichten_(Ubuntu_18.04)#Einrichtung|Mailserver einrichten]] | ||
Version vom 31. März 2020, 18:09 Uhr
Fail2Ban
Allgemein
Verhindert unter anderem Wörterbuchangriffe durch temporäre Anpassung von Firewall-Regeln.
Installation
Siehe Fail2Ban
Konfiguration
Nachdem Fail2Ban installiert wurde, muss noch eine Konfigurationsdatei für Dovecot angelegt
sudo vi /etc/fail2ban/jail.d/mailserver.conf
und mit folgendem Inhalt befüllt werden:
[postfix] enabled = true port = smtp,ssmtp,submission filter = postfix logpath = /var/log/mail.log [sasl] enabled = true port = smtp,ssmtp,submission,imap2,imap3,imaps,pop3,pop3s filter = postfix-sasl # You might consider monitoring /var/log/mail.warn instead if you are # running postfix since it would provide the same log lines at the # "warn" level but overall at the smaller filesize. logpath = /var/log/mail.log
Links
https://wiki.dovecot.org/HowTo/Fail2Ban
https://forum.howtoforge.de/threads/fail2ban-postfix-sasl-conf.9731/
Zurück zu Mailserver einrichten