From 2be8757322ad4d01f5a5ff6009f1c0e0b5f4c6c0 Mon Sep 17 00:00:00 2001 From: Marek Walczak Date: Thu, 30 Nov 2017 22:55:27 +0100 Subject: [PATCH] this an explaining PR #769 --- docs/content/config/security/fail2ban.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/content/config/security/fail2ban.md b/docs/content/config/security/fail2ban.md index 3b789d90..79f5faa6 100644 --- a/docs/content/config/security/fail2ban.md +++ b/docs/content/config/security/fail2ban.md @@ -1,4 +1,5 @@ Fail2ban is installed automatically and bans IP addresses for 3 hours after 3 failed attempts in 10 minutes by default. If you want to change this, you can easily edit [config/fail2ban-jail.cf](https://github.com/tomav/docker-mailserver/blob/master/config/fail2ban-jail.cf). +You can do the same with the values from fail2ban.conf, e.g dbpurgeage. In that case you need to edit [config/fail2ban-fail2ban.cf](https://github.com/tomav/docker-mailserver/blob/master/config/fail2ban-fail2ban.cf) __Important__: The mail container must be launched with the NET_ADMIN capability in order to be able to install the iptable rules that actually ban IP addresses. Thus either include `--cap-add=NET_ADMIN` in the docker run commandline or the equivalent docker-compose.yml: ```