summary refs log tree commit diff stats
path: root/system/services/fail2ban/default.nix
diff options
context:
space:
mode:
authorSilas Schöffel <sils@sils.li>2024-04-25 23:28:47 +0200
committerSilas Schöffel <sils@sils.li>2024-04-25 23:49:29 +0200
commit9c17c1c392c83e8f4b3ac1d8283eed4da3d4aac4 (patch)
treee4c4c33dc24de87a1a365dd21316ed20c481574e /system/services/fail2ban/default.nix
parentstyle(system/services/mastodon): format with alejandra (diff)
downloadnixos-server-9c17c1c392c83e8f4b3ac1d8283eed4da3d4aac4.tar.gz
nixos-server-9c17c1c392c83e8f4b3ac1d8283eed4da3d4aac4.zip
feat(system/services/fail2ban): add postfix jail
This bans IP Addresses which fail to login into postfix at least 3 times in
600 seconds.
Diffstat (limited to '')
-rw-r--r--system/services/fail2ban/default.nix6
1 files changed, 6 insertions, 0 deletions
diff --git a/system/services/fail2ban/default.nix b/system/services/fail2ban/default.nix
index 66207e6..6d90d49 100644
--- a/system/services/fail2ban/default.nix
+++ b/system/services/fail2ban/default.nix
@@ -25,6 +25,12 @@
         filter = dovecot[mode=aggressive]
         maxretry = 2
       '';
+      postfix = ''
+        enabled = true
+        filter = postfix[mode=aggressive]
+        findtime = 600
+        maxretry = 3
+      '';
     };
   };
 }