github-com-docker-mailserver/docker-mailserver
1
0
Fork 0
mirror of https://github.com/docker-mailserver/docker-mailserver.git synced 2024-01-19 02:48:50 +00:00
Code Issues Projects Releases Wiki Activity

added fail2ban

Browse source
This commit is contained in:
Dominik Winter 2016-02-12 00:19:21 +01:00
parent 52accb596c
commit 7e7c34a256
3 changed files with 19 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
Dockerfile
View file

@ -7,7 +7,7 @@ RUN apt-get -y upgrade
RUN DEBIAN_FRONTEND=noninteractive apt-get -y install vim postfix sasl2-bin courier-imap courier-imap-ssl \
courier-pop courier-pop-ssl courier-authdaemon supervisor gamin amavisd-new spamassassin clamav clamav-daemon libnet-dns-perl libmail-spf-perl \
pyzor razor arj bzip2 cabextract cpio file gzip nomarch p7zip pax unzip zip zoo rsyslog mailutils netcat \
opendkim opendkim-tools opendmarc curl
opendkim opendkim-tools opendmarc curl fail2ban
RUN apt-get autoclean && rm -rf /var/lib/apt/lists/*
# Configures Saslauthd

1
docker-compose.yml.dist
View file

@ -2,6 +2,7 @@ mail:
image: tvial/docker-mailserver
hostname: mail
domainname: domain.com
privileged: true
ports:
- "25:25"
- "143:143"

17
start-mailserver.sh
View file

@ -188,6 +188,22 @@ echo "required_score 5" >> /etc/mail/spamassassin/local.cf
echo "rewrite_header Subject ***SPAM***" >> /etc/mail/spamassassin/local.cf
cp /tmp/spamassassin/rules.cf /etc/spamassassin/
echo "Configuring fail2ban"
# enable filters
perl -i -0pe 's/(\[postfix\]\n\n).*\n/\1enabled = true\n/' /etc/fail2ban/jail.conf
perl -i -0pe 's/(\[couriersmtp\]\n\n).*\n/\1enabled = true\n/' /etc/fail2ban/jail.conf
perl -i -0pe 's/(\[courierauth\]\n\n).*\n/\1enabled = true\n/' /etc/fail2ban/jail.conf
perl -i -0pe 's/(\[sasl\]\n\n).*\n/\1enabled = true\n/' /etc/fail2ban/jail.conf
# increase ban time and find time to 3h
sed -i "/^bantime *=/c\bantime = 10800" /etc/fail2ban/jail.conf
sed -i "/^findtime *=/c\findtime = 10800" /etc/fail2ban/jail.conf
# avoid warning on startup
echo "ignoreregex =" >> /etc/fail2ban/filter.d/postfix-sasl.conf
echo "Starting daemons"
cron
/etc/init.d/rsyslog start
@ -208,6 +224,7 @@ fi
/etc/init.d/opendkim start
/etc/init.d/opendmarc start
/etc/init.d/postfix start
/etc/init.d/fail2ban start
echo "Listing SASL users"
sasldblistusers2