Blackmesa Installation Tutorial/Howto
SW-RAID Hetzner DS 5000
PART 1 / ext3 1024
PART 2 swap swap 2048
PART 3 /usr ext3 5120
PART 4 /var ext3 5120
PART 5 /home ext3 2048
PART 6 /hddtmp ext3 1024
PART 7 /srv ext3 all
SWRAID 1
SWDEVICE /dev/sdb
----------------------------------
watch cat /proc/mdstat
----------------------------------
#!/bin/bash
mount /dev/md0 /mnt
mount --bind /dev /mnt/dev/
mount --bind /proc /mnt/proc/
mount --bind /sys /mnt/sys/
chroot /mnt /bin/bash
mount -a
umount /proc
mount -tproc none /proc
mkinitrd -o /boot/initrd.img-2.6.8-3-k7-smp 2.6.8-3-k7-smp
lilo
Install-Script
#!/bin/bash
###################################################
#
# Debian 3.1 32bit - Installscript
# Copyright 2006 by Arkadius Stefanski (ar@kadi.us)
#
###################################################
###################################
# INSTALL MISC STUFF
###################################
apt-get update && apt-get -y upgrade
apt-get -y install mc zip unzip bzip2 screen vim acpi rsync traceroute ftp pftp
apt-get -y remove pcmcia-cs pppoe pppoeconf ppp pppconfig
###################################
# INSTALL PHP & MYSQL
###################################
echo "# PHP & MySQL" >> /etc/apt/sources.list
echo "deb http://dotdeb.pimpmylinux.org/ stable all" >> /etc/apt/sources.list
echo "deb-src http://dotdeb.pimpmylinux.org/ stable all" >> /etc/apt/sources.list
echo "deb http://dotdeb.netmirror.org/ stable all" >> /etc/apt/sources.list
echo "deb-src http://dotdeb.netmirror.org/ stable all" >> /etc/apt/sources.list
apt-get update
apt-get -y install apache
apt-get -y install libapache-mod-php5 php5 php5-common php5-cli php5-curl php5-mysql php5-gd php5-dev php5-apc
apt-get -y install libmysqlclient15-dev mysql-server-5.0 mysql-client-5.0
###################################
# UPDATE TIME
###################################
apt-get -y install ntp ntpdate
echo "#!/bin/bash" > /root/sync-time.sh
echo "ntpdate ptbtime1.ptb.de" >> /root/sync-time.sh
chmod 700 /root/sync-time.sh
/root/sync-time.sh
###################################
# MOVE APACHE & MySQL DEFAULT-DIR
###################################
/etc/init.d/apache stop && /etc/init.d/mysql stop
mv /var/www /srv/
mv /var/lib/mysql /srv/
ln -s /srv/www /var/www
ln -s /srv/mysql /var/lib/mysql
/etc/init.d/apache start && /etc/init.d/mysql start
###################################
# CREATE MYSQL-CONF
###################################
echo "" > /root/.my.cnf
chmod 700 /root/.my.cnf
echo "[mysql]" >> /root/.my.cnf
echo "user=root" >> /root/.my.cnf
echo "password=" >> /root/.my.cnf
echo "[mysqldump]" >> /root/.my.cnf
echo "user=root" >> /root/.my.cnf
echo "password=" >> /root/.my.cnf
###################################
# CREATE BACKUP-CONF
###################################
echo "" > /root/.netrc
chmod 700 /root/.netrc
echo "machine " >> /root/.netrc
echo " login " >> /root/.netrc
echo " password " >> /root/.netrc
tmp im RAM
/bin/mount -t tmpfs /dev/shm /tmp/ramtmp/ -o size=150m
Update
apt-get update && apt-get upgrade
apt-get install mc zip unzip bzip2 screen vim acpi
apt-get remove pcmcia-cs pppoe pppoeconf ppp pppconfig
Quellen für PHP 5 und MySQL 5 und Kernel-Images
vim /etc/apt/sources.list
# PHP & MySQL
deb http://dotdeb.pimpmylinux.org/ stable all
deb-src http://dotdeb.pimpmylinux.org/ stable all
deb http://dotdeb.netmirror.org/ stable all
deb-src http://dotdeb.netmirror.org/ stable all
apt-get update && apt-get upgrade && apt-get dist-upgrade
Apache2 & PHP 5 & MySQL 5
apt-get install apache || apt-get install apache2
apt-get install mysql-server-5.0 mysql-client-5.0 libmysqlclient15-dev
apt-get install php5 php5-common php5-cli php5-curl php5-mysql php5-gd php5-dev php5-apc
a2ensite
a2enmod
mysqladmin -u root -p password 'newpassword'
MRTG
apt-get install mrtg mrtg-contrib mrtgutils snmpd
vi /etc/snmp/snmpd.conf
# sec.name source community
# com2sec paranoid default public # kommentieren
com2sec readonly default public # <- auskommentieren
#com2sec readwrite default private
/etc/init.d/snmpd restart
cfgmaker public@localhost > /etc/mrtg.cfg
indexmaker --columns=2 /etc/mrtg.cfg >/srv/www/mrtg/index.html
Munin
apt-get install munin munin-node
vi /etc/munin/munin.conf
dbdir /var/lib/munin
htmldir /var/www/www.example.com/web/monitoring
logdir /var/log/munin
rundir /var/run/munin
tmpldir /etc/munin/templates
[server1.example.com]
address 127.0.0.1
use_node_name yes
ln -s /usr/share/munin/plugins/postfix_mailstats /etc/munin/plugins/
ln -s /usr/share/munin/plugins/uptime /etc/munin/plugins/
ln -s /usr/share/munin/plugins/sendmail_mail* /etc/munin/plugins/
ln -s /usr/share/munin/plugins/ping_ /etc/munin/plugins/ping_www.google.de
APC
vim /etc/php5/apache/php.ini
[APC]
extension="apc.so"
apc.enabled=1
apc.shm_segments=1
apc.optimization=0
apc.shm_size=128
apc.ttl=7200
apc.user_ttl=7200
apc.num_files_hint=1024
apc.mmap_file_mask="/tmp/apc.XXXXXX"
apc.enable_cli=0
Postfix
apt-get install postfix postfix-mysql postfix-doc (local only)
apt-get install courier-authdaemon courier-authlib-mysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl
apt-get install postfix-tls libsasl2 libsasl2-modules libsasl2-modules-sql openssl
CREATE TABLE `domains` (
`domain` varchar(50) NOT NULL,
PRIMARY KEY (`domain`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
CREATE TABLE `forwardings` (
`source` varchar(80) NOT NULL,
`destination` text NOT NULL,
PRIMARY KEY (`source`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
CREATE TABLE `users` (
`email` varchar(80) NOT NULL,
`passwd` varchar(20) NOT NULL,
PRIMARY KEY (`email`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
vi /etc/postfix/mysql_domains.cf
user = postfix
password =
dbname = postfix
table = domains
select_field = domain
where_field = domain
hosts = 127.0.0.1
vi /etc/postfix/mysql_forwardings.cf
user = postfix
password =
dbname = postfix
table = forwardings
select_field = destination
where_field = source
hosts = 127.0.0.1
vi /etc/postfix/mysql_mailboxes.cf
user = postfix
password =
dbname = postfix
table = users
select_field = CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/')
where_field = email
hosts = 127.0.0.1
vi /etc/postfix/mysql_email2email.cf
user = postfix
password =
dbname = postfix
table = users
select_field = email
where_field = email
hosts = 127.0.0.1
chgrp postfix /etc/postfix/mysql_*.cf
chmod u=rw,g=r,o= /etc/postfix/mysql_*.cf
groupadd -g 5000 vmail
useradd -g vmail -u 5000 vmail -d /home/vmail -m
vi /etc/postfix/sasl/smtpd.conf
pwcheck_method: auxprop
auxprop_plugin: sql
mech_list: plain login cram-md5 digest-md5
sql_engine: mysql
sql_hostnames: 127.0.0.1
sql_user: postfix
sql_passwd:
sql_database: postfix
sql_select: SELECT passwd FROM users WHERE email='%u@%r'
chown root:postfix /etc/postfix/sasl/smtpd.conf
chmod u=rw,g=r,o= /etc/postfix/sasl/smtpd.conf
openssl req -new -outform PEM -out /etc/postfix/smtpd.cert -newkey rsa:2048 -nodes -keyout /etc/postfix/smtpd.key -keyform PEM -days 3650 -x509
chmod u=rw,g=r,o= /etc/postfix/smtpd.key
chown root:postfix /etc/postfix/smtpd.key
vi /etc/courier/authdaemonrc
authmodulelist="authmysql"
vi /etc/courier/authmysqlrc
MYSQL_SERVER 127.0.0.1
MYSQL_USERNAME postfix
MYSQL_PASSWORD
MYSQL_PORT 3306
MYSQL_DATABASE postfix
MYSQL_USER_TABLE users
#MYSQL_CRYPT_PWFIELD (comment this out)
MYSQL_CLEAR_PWFIELD passwd
MYSQL_UID_FIELD 5000
MYSQL_GID_FIELD 5000
MYSQL_LOGIN_FIELD email
MYSQL_HOME_FIELD "/home/vmail"
MYSQL_MAILDIR_FIELD CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/')
#MYSQL_NAME_FIELD (comment this out)
vi /etc/postfix/main.cf
myhostname = localhost
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = $myhostname, 127.0.0.1, localhost
relayhost =
mynetworks = 127.0.0.0/8
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
virtual_alias_maps = mysql:/etc/postfix/mysql_forwardings.cf mysql:/etc/postfix/mysql_email2email.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql_domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_mailboxes.cf
virtual_mailbox_base = /srv/vmail
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
smtpd_sasl_auth_enable = yes
smtpd_sasl2_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_local_domain =
broken_sasl_auth_clients = yes
smtpd_etrn_restrictions = reject
disable_vrfy_command = yes
smtpd_helo_required = yes
strict_rfc821_envelopes = yes
invalid_hostname_reject_code = 554
multi_recipient_bounce_reject_code = 554
non_fqdn_reject_code = 554
relay_domains_reject_code = 554
unknown_address_reject_code = 554
unknown_client_reject_code = 554
unknown_hostname_reject_code = 554
unknown_local_recipient_reject_code = 554
unknown_relay_recipient_reject_code = 554
unknown_sender_reject_code = 554
unknown_virtual_alias_reject_code = 554
unknown_virtual_mailbox_reject_code = 554
unverified_recipient_reject_code = 554
unverified_sender_reject_code = 554
smtpd_recipient_restrictions =
reject_invalid_hostname,
reject_unknown_recipient_domain,
reject_unauth_pipelining,
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_rbl_client zen.spamhaus.org,
reject_rbl_client dnsbl.sorbs.net,
reject_rbl_client list.dsbl.org,
reject_rbl_client ix.dnsbl.manitu.net,
reject_rbl_client bl.spamcop.net,
reject_rbl_client dsn.rfc-ignorant.org,
reject_rbl_client dul.dnsbl.sorbs.net,
reject_rbl_client combined.rbl.msrbl.net,
reject_rbl_client rabl.nuclearelephant.com,
reject_rbl_client relays.ordb.org,
reject_rbl_client blackholes.easynet.nl,
reject_rbl_client proxies.blackholes.wirehub.net,
reject_rbl_client opm.blitzed.org,
reject_rbl_client dnsbl.njabl.org,
reject_rbl_client multihop.dsbl.org,
permit
# smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
unknown_local_recipient_reject_code = 450
Virus Scanner & Spam Filter für Postfix
apt-get install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 unzoo libnet-ph-perl libnet-snpp-perl libnet-telnet-perl nomarch lzop
vi /etc/amavis/conf.d/15-content_filter_mode
use strict;
# You can modify this file to re-enable SPAM checking through spamassassin
# and to re-enable antivirus checking.
#
# Default antivirus checking mode
# Uncomment the two lines below to enable it back
#
@bypass_virus_checks_maps = (
\%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
#
# Default SPAM checking mode
# Uncomment the two lines below to enable it back
#
@bypass_spam_checks_maps = (
\%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);
1; # insure a defined return
vi /etc/amavis/conf.d/20-debian_defaults
$QUARANTINEDIR = "$MYHOME/virusmails";
$log_recip_templ = undef; # disable by-recipient level-0 log entries
$DO_SYSLOG = 1; # log via syslogd (preferred)
$syslog_ident = 'amavis'; # syslog ident tag, prepended to all messages
$syslog_facility = 'mail';
$syslog_priority = 'debug'; # switch to info to drop debug output, etc
$enable_db = 1; # enable use of BerkeleyDB/libdb (SNMP and nanny)
$enable_global_cache = 1; # enable use of libdb-based cache if $enable_db=1
$inet_socket_port = 10024; # default listenting socket
$sa_spam_subject_tag = '***SPAM*** ';
$sa_tag_level_deflt = 2.0; # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 6.31; # add 'spam detected' headers at that level
$sa_kill_level_deflt = 6.31; # triggers spam evasive actions
$sa_dsn_cutoff_level = 10; # spam level beyond which a DSN is not sent
$sa_mail_body_size_limit = 200*1024; # don't waste time on SA if mail is larger
$sa_local_tests_only = 0; # only tests which do not require internet access?
[...]
$final_virus_destiny = D_DISCARD; # (data not lost, see virus quarantine)
$final_banned_destiny = D_BOUNCE; # D_REJECT when front-end MTA
$final_spam_destiny = D_BOUNCE;
$final_bad_header_destiny = D_PASS; # False-positive prone (for spam)
[...]
adduser clamav amavis
/etc/init.d/amavis restart
/etc/init.d/clamav-daemon restart
vi /etc/clamav/freshclam.conf
[...]
NotifyClamd /etc/clamav/clamd.conf
[...]
/etc/init.d/clamav-freshclam restart
postconf -e 'content_filter = amavis:[127.0.0.1]:10024'
postconf -e 'receive_override_options = no_address_mappings'
vi /etc/postfix/master.cf
[...]
amavis unix - - - - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
127.0.0.1:10025 inet n - - - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_bind_address=127.0.0.1
/etc/init.d/postfix restart
apt-get install razor pyzor dcc-client
vi /etc/spamassassin/local.cf
[...]
# dcc
use_dcc 1
dcc_path /usr/bin/dccproc
dcc_add_header 1
dcc_dccifd_path /usr/sbin/dccifd
#pyzor
use_pyzor 1
pyzor_path /usr/bin/pyzor
pyzor_add_header 1
#razor
use_razor2 1
razor_config /etc/razor/razor-agent.conf
#bayes
use_bayes 1
use_bayes_rules 1
bayes_auto_learn 1
/etc/init.d/amavis restart
tail -f /var/log/mail.log
Mailgraph
apt-get install rrdtool mailgraph
dpkg-reconfigure mailgraph
Should Mailgraph start on boot? <-- Yes
Logfile used by mailgraph: <-- /var/log/mail.log
cp -p /usr/lib/cgi-bin/mailgraph.cgi /srv/www/default/cgi-bin/
eAccelerator
cd /usr/src
wget http://mesh.dl.sourceforge.net/sourceforge/eaccelerator/eaccelerator-0.9.5-beta2.tar.bz2
bunzip2 eaccelerator-0.9.5-beta2.tar.bz2
tar xfv eaccelerator-0.9.5-beta2.tar
rm -f eaccelerator-0.9.5-beta2.tar
cd eaccelerator-0.9.5-beta2
export PHP_PREFIX="/usr"
$PHP_PREFIX/bin/phpize
./configure --enable-eaccelerator=shared --with-php-config=$PHP_PREFIX/bin/php-config
make
make install
vim /etc/php5/apache/php.ini
[eAccelerator]
extension="eaccelerator.so"
eaccelerator.shm_size="32"
eaccelerator.cache_dir="/tmp"
eaccelerator.enable="1"
eaccelerator.optimizer="1"
eaccelerator.check_mtime="1"
eaccelerator.debug="0"
eaccelerator.filter=""
eaccelerator.shm_max="0"
eaccelerator.shm_ttl="0"
eaccelerator.shm_prune_period="0"
eaccelerator.shm_only="0"
eaccelerator.compress="1"
eaccelerator.compress_level="9"
ZendOptimizer
tar xfvz ZendOptimizer-3.0.0-linux-glibc21-i386.tar.gz
rm -f ZendOptimizer-3.0.0-linux-glibc21-i386.tar.gz
cd ZendOptimizer-3.0.0-linux-glibc21-i386/data/5_1_x_comp/
mkdir /usr/local/lib/Zend
mv ZendOptimizer.so /usr/local/lib/Zend/
vim /etc/php5/apache/php.ini
[ZendOptimizer]
zend_extension=/usr/local/lib/Zend/ZendOptimizer.so
zend_optimizer.optimization_level=15
phpSysInfo
apt-get install phpsysinfo
ln -s /usr/share/phpsysinfo /home/www/phpsysinfo
Sensors
apt-get install lm-sensors
sensors-detect
#----cut here----
# I2C adapter drivers
i2c-viapro
i2c-isa
# I2C chip drivers
eeprom
w83627hf
#----cut here----
modprobe i2c-viapro
modprobe i2c-isa
modprobe eeprom
modprobe w83627hf
vi /etc/sensors.conf
chip "w83697hf-*"
label temp1 "Sys Temp"
label temp2 "CPU Temp"
proFTPd
apt-get install proftpd
addgroup ftpuser
usermod -G ftpuser username
vsFTPd
apt-get install vsftpd
vi /etc/shells
/bin/false
touch /etc/vsftpd.user_list
vi /etc/vsftpd.conf
listen=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
ftpd_banner=FTP Server
chroot_local_user=YES
secure_chroot_dir=/var/run/vsftpd
pam_service_name=vsftpd
rsa_cert_file=/etc/ssl/certs/vsftpd.pem
userlist_deny=NO
userlist_enable=YES
listen_port=6501
addgroup ftpgroup
touch /root/addftpuser.sh
chmod 700 /root/addftpuser.sh
vi /root/addftpuser.sh
#!/bin/bash
echo -n "Bitte Benutzernamen eingeben: "
read username
echo "Erstelle Benutzer $username..."
useradd -d /home/$username -g ftpgroup -s /bin/false $username
echo "Erstelle Heimatverzeichnis..."
mkdir /home/$username
echo "Setze Benutzerberechtigungen..."
chown nobody:ftpgroup /home/$username
chmod 1770 /home/$username
echo "Erlaube Benutzer den FTP-Zugriff..."
echo $username >> /etc/vsftpd.user_list
echo "Setze Passwort für neuen Benutzer..."
passwd $username
Synchronize the System Clock
apt-get install ntp ntpdate
ntpdate ptbtime1.ptb.de
Samba
apt-get install samba samba-doc smbclient smbfs swat
vi /etc/inetd.conf
vi /etc/services
swat 901/tcp #SWAT
smbmount //KONSTANTINA/PUB /mnt/konstantina/pub -o username=k5,password=n26r7z40
lighthttpd (not finished)
apt-get install php5-cgi php5-curl php5-mysql php5-gd php5-dev php5-cli php5 php5-common php5-apc
apt-get install libpcre3 zlib1g libssl-dev libbz2-dev libpcre3-dev gcc debhelper
wget http://www.lighttpd.net/download/lighttpd-1.4.7.tar.gz
wget http://www.lighttpd.net/download/lighttpd-1.4.13.tar.gz
tar xzf lighttpd-1.4.7.tar.gz
tar xzf lighttpd-1.4.13.tar.gz
cp -R lighttpd-1.4.7/debian lighttpd-1.4.13/
cd lighttpd-1.4.13/
vi debian/changelog
dpkg-buildpackage
cd ..
dpkg -i lighttpd_1.4.13-1_i386.deb
-------------------------------------------------- NOT USED
./configure --help
./configure --prefix=/usr/local/lighttpd --disable-ipv6 --with-openssl --with-mysql
make
make install
mkdir /etc/lighttpd && cp doc/lighttpd.conf /etc/lighttpd/
cp debian/init.d /etc/init.d/lighttpd
vi /etc/init.d/lighttpd
light-enable-mod fastcgi # etch
-------------------------------------------------- NOT USED
fastcgi.server = (
".php" =>
( "localhost" =>
(
"socket" => "/home/jah/tmp/jah-php5-fcgi.socket",
"bin-path" => "/usr/local/www/cgi-bin/php5-fcgi -c /home/jah/etc/php.ini",
"bin-environment" => (
"PHP_FCGI_CHILDREN" => "32",
"PHP_FCGI_MAX_REQUESTS" => "5000"
)
)
)
)
Bittornado
apt-get install bittornado
vi /root/torrent.sh
chmod 700 /root/torrent.sh
#!/bin/bash
MIN_PORT=11100
MAX_PORT=11500
MAX_UPLOAD_RATE=10
MAX_DOWNLOAD_RATE=0
TORRENT_DIR="/xl/torrent/files"
DOWNLOAD_DIR="/xl/torrent/incoming"
test -d $DOWNLOAD_DIR || mkdir -p $DOWNLOAD_DIR
cd $DDIR
btlaunchmanycurses.bittornado $TORRENT_DIR --max_upload_rate $MAX_UPLOAD_RATE --max_download_rate $MAX_DOWNLOAD_RATE --minport $MIN_PORT --maxport $MAX_PORT --saveas_style 3 --upnp_nat_access 0 --super_seeder 1 --max_connections 0 --lock_files 1
fail2ban
http://www.howtoforge.com/fail2ban_debian_etch
apt-get install fail2ban
vi /etc/fail2ban/jail.conf
[DEFAULT]
ignoreip = 127.0.0.1
bantime = 600
maxretry = 3
backend = polling
destemail = admin@clustr.de
action = iptables[name=%(__name__)s, port=%(port)s]
[ssh]
enabled = true
port = ssh
filter = sshd
logpath = /var/log/auth.log
maxretry = 5
#
# HTTP servers
#
[apache]
enabled = false
port = http
filter = apache-auth
logpath = /var/log/apache*/*access.log
maxretry = 6
[apache-noscript]
enabled = false
port = http
filter = apache-noscript
logpath = /var/log/apache*/*error.log
maxretry = 6
#
# FTP servers
#
[vsftpd]
enabled = false
port = ftp
filter = vsftpd
logpath = /var/log/auth.log
maxretry = 6
[proftpd]
enabled = true
port = ftp
filter = proftpd
logpath = /var/log/proftpd/proftpd.log
maxretry = 5
[wuftpd]
enabled = false
port = ftp
filter = wuftpd
logpath = /var/log/auth.log
maxretry = 6
#
# Mail servers
#
[postfix]
enabled = true
port = smtp
filter = postfix
logpath = /var/log/mail.log
maxretry = 5
[couriersmtp]
enabled = true
port = pop3
filter = courierlogin
failregex = courierpop3login: LOGIN FAILED.*ip=\[.*:\]
logpath = /var/log/mail.log
maxretry = 5
[courierimap]
enabled = true
port = imap2
filter = courierlogin
failregex = imapd: LOGIN FAILED.*ip=\[.*:\]
logpath = /var/log/mail.log
maxretry = 5
[sasl]
enabled = true
port = smtp
filter = sasl
failregex = warning: [-._\w]+\[\]: SASL (?:LOGIN|PLAIN|(?:CRAM|DIGEST)-MD5) authentication failed
logpath = /var/log/mail.log
maxretry = 5
/etc/init.d/fail2ban restart