fail2ban: block postfix connections with wrong host name
Block hosts connecting via SMTP to postfix and sending a wrong hostname.
Works on fail2ban 0.11.2-2 running on Debian 11.
1 2 3 4 5 6 7 8 9 10 11 12 | [INCLUDES] before = common.conf [Definition] _daemon = postfix(-\w+)?/\w+(?:/smtp[ds])? failregex = ^%(__prefix_line)swarning: hostname .*? does not resolve to address <HOST>: Name or service not known$ ignoreregex = [Init] journalmatch = _SYSTEMD_UNIT=postfix.service |
1 2 3 4 5 6 | [postfix-resolve] enabled = true maxretry = 3 logpath = %(postfix_log)s backend = %(postfix_backend)s |
1 | Apr 22 20:28:44 ahso4 postfix/submission/smtpd[1938160]: warning: hostname dsl-187-205-215-230-dyn.prod-infinitum.com.mx does not resolve to address 187.205.215.230: Name or service not known |
