X7ROOT File Manager
Current Path:
/etc/fail2ban/filter.d
etc
/
fail2ban
/
filter.d
/
📁
..
📄
3proxy.conf
(467 B)
📄
apache-auth.conf
(3.15 KB)
📄
apache-badbots.conf
(2.76 KB)
📄
apache-botsearch.conf
(1.24 KB)
📄
apache-common.conf
(1.58 KB)
📄
apache-fakegooglebot.conf
(324 B)
📄
apache-modsecurity.conf
(511 B)
📄
apache-nohome.conf
(596 B)
📄
apache-noscript.conf
(1.22 KB)
📄
apache-overflows.conf
(2.13 KB)
📄
apache-pass.conf
(362 B)
📄
apache-shellshock.conf
(1020 B)
📄
assp.conf
(3.41 KB)
📄
asterisk.conf
(2.31 KB)
📄
bitwarden.conf
(427 B)
📄
botsearch-common.conf
(522 B)
📄
centreon.conf
(307 B)
📄
common.conf
(2.71 KB)
📄
counter-strike.conf
(244 B)
📄
courier-auth.conf
(429 B)
📄
courier-smtp.conf
(512 B)
📄
cyrus-imap.conf
(444 B)
📄
directadmin.conf
(338 B)
📄
domino-smtp.conf
(2.06 KB)
📄
dovecot.conf
(2.4 KB)
📄
dropbear.conf
(1.69 KB)
📄
drupal-auth.conf
(557 B)
📄
ejabberd-auth.conf
(1.54 KB)
📄
exim-common.conf
(516 B)
📄
exim-spam.conf
(2.11 KB)
📄
exim.conf
(2.81 KB)
📄
freeswitch.conf
(1.88 KB)
📄
froxlor-auth.conf
(1.18 KB)
📄
gitlab.conf
(236 B)
📄
grafana.conf
(388 B)
📄
groupoffice.conf
(236 B)
📄
gssftpd.conf
(322 B)
📄
guacamole.conf
(1.41 KB)
📄
haproxy-http-auth.conf
(1.14 KB)
📄
horde.conf
(404 B)
📁
ignorecommands
📄
kerio.conf
(938 B)
📄
lighttpd-auth.conf
(333 B)
📄
mongodb-auth.conf
(2.23 KB)
📄
monit.conf
(787 B)
📄
murmur.conf
(927 B)
📄
mysqld-auth.conf
(953 B)
📄
nagios.conf
(400 B)
📄
named-refused.conf
(1.46 KB)
📄
nginx-botsearch.conf
(681 B)
📄
nginx-http-auth.conf
(485 B)
📄
nginx-limit-req.conf
(1.42 KB)
📄
nsd.conf
(760 B)
📄
openhab.conf
(452 B)
📄
openwebmail.conf
(495 B)
📄
oracleims.conf
(1.89 KB)
📄
pam-generic.conf
(947 B)
📄
perdition.conf
(568 B)
📄
php-url-fopen.conf
(891 B)
📄
phpmyadmin-syslog.conf
(278 B)
📄
portsentry.conf
(242 B)
📄
postfix.conf
(3.09 KB)
📄
proftpd.conf
(1.14 KB)
📄
pure-ftpd.conf
(2.35 KB)
📄
qmail.conf
(795 B)
📄
recidive.conf
(1.34 KB)
📄
roundcube-auth.conf
(1.46 KB)
📄
screensharingd.conf
(821 B)
📄
selinux-common.conf
(538 B)
📄
selinux-ssh.conf
(570 B)
📄
sendmail-auth.conf
(776 B)
📄
sendmail-reject.conf
(2.88 KB)
📄
sieve.conf
(371 B)
📄
slapd.conf
(706 B)
📄
softethervpn.conf
(451 B)
📄
sogo-auth.conf
(722 B)
📄
solid-pop3d.conf
(1.07 KB)
📄
squid.conf
(260 B)
📄
squirrelmail.conf
(191 B)
📄
sshd.conf
(7.34 KB)
📄
stunnel.conf
(363 B)
📄
suhosin.conf
(649 B)
📄
tine20.conf
(890 B)
📄
traefik-auth.conf
(2.33 KB)
📄
uwimap-auth.conf
(374 B)
📄
vsftpd.conf
(637 B)
📄
webmin-auth.conf
(444 B)
📄
wuftpd.conf
(520 B)
📄
xinetd-fail.conf
(521 B)
📄
znc-adminlog.conf
(912 B)
📄
zoneminder.conf
(524 B)
Editing: sendmail-reject.conf
# Fail2Ban filter for sendmail spam/relay type failures # # Some of the below failregex will only work properly, when the following # options are set in the .mc file (see your Sendmail documentation on how # to modify it and generate the corresponding .cf file): # # FEATURE(`delay_checks') # FEATURE(`greet_pause', `500') # FEATURE(`ratecontrol', `nodelay', `terminate') # FEATURE(`conncontrol', `nodelay', `terminate') # # ratecontrol and conncontrol also need corresponding options ClientRate: # and ClientConn: in the access file, see documentation for ratecontrol and # conncontrol in the sendmail/cf/README file. [INCLUDES] before = common.conf [Definition] _daemon = (?:(sm-(mta|acceptingconnections)|sendmail)) __prefix_line = %(known/__prefix_line)s(?:\w{14,20}: )? addr = (?:IPv6:<IP6>|<IP4>) prefregex = ^<F-MLFID>%(__prefix_line)s</F-MLFID><F-CONTENT>.+</F-CONTENT>$ cmnfailre = ^ruleset=check_rcpt, arg1=(?P<email><\S+@\S+>), relay=(\S+ )?\[%(addr)s\](?: \(may be forged\))?, reject=(550 5\.7\.1 (?P=email)\.\.\. Relaying denied\. (IP name possibly forged \[(\d+\.){3}\d+\]|Proper authentication required\.|IP name lookup failed \[(\d+\.){3}\d+\])|553 5\.1\.8 (?P=email)\.\.\. Domain of sender address \S+ does not exist|550 5\.[71]\.1 (?P=email)\.\.\. (Rejected: .*|User unknown))$ ^ruleset=check_relay, arg1=(?P<dom>\S+), arg2=%(addr)s, relay=((?P=dom) )?\[(\d+\.){3}\d+\](?: \(may be forged\))?, reject=421 4\.3\.2 (Connection rate limit exceeded\.|Too many open connections\.)$ ^rejecting commands from (\S* )?\[%(addr)s\] due to pre-greeting traffic after \d+ seconds$ ^(?:\S+ )?\[%(addr)s\]: (?:(?i)expn|vrfy) \S+ \[rejected\]$ ^<[^@]+@[^>]+>\.\.\. No such user here$ ^<F-NOFAIL>from=<[^@]+@[^>]+></F-NOFAIL>, size=\d+, class=\d+, nrcpts=\d+, bodytype=\w+, proto=E?SMTP, daemon=MTA, relay=\S+ \[%(addr)s\]$ mdre-normal = mdre-extra = ^(?:\S+ )?\[%(addr)s\](?: \(may be forged\))? did not issue \S+ during connection mdre-aggressive = %(mdre-extra)s failregex = %(cmnfailre)s <mdre-<mode>> # Parameter "mode": normal (default), extra or aggressive # Usage example (for jail.local): # [sendmail-reject] # filter = sendmail-reject[mode=extra] # mode = normal ignoreregex = journalmatch = SYSLOG_IDENTIFIER=sm-mta + _SYSTEMD_UNIT=sendmail.service # DEV NOTES: # # Regarding the multiline regex: # # "No such user" lines generate a failure and needs to be matched together with # another line with the HOST, therefore no-failure line was added as regex, that # contains HOST (see line with tag <F-NOFAIL>). # # Note the capture <F-MLFID>, includes both the __prefix_lines (which includes # the sendmail PID), but also the `\w{14}` which the the sendmail assigned # mail ID (todo: check this is necessary, possible obsolete). # # Author: Daniel Black, Fabian Wenk and Sergey Brester aka sebres. # Rewritten using prefregex by Serg G. Brester.
Upload File
Create Folder