How-To: Installing Mailcleaner and some goodies from scratch

Users tips and ideas

Moderators: FlorianB, Pascal, bourgeois, mentor

deltacomc
Posts: 11
Joined: Wed May 07, 2014 2:07 pm
How did you hear about Mailcleaner: googling

How-To: Installing Mailcleaner and some goodies from scratch

Postby deltacomc » Fri May 30, 2014 5:30 pm

After my long journey from the first installation of mailcleaner to an productive and working mailgateway with some upgrades, i think it is time to write an unofficial howt-to for this great piece of software.
First make sure you have the following prerequisites fullfilled
- Installation of the ISO-Version Community Edition 2012.6 including patch level 2013110401

This how-to will cover the following steps:
- Install original VMWare-Tools
- Install ClamSpam, auto-update ClamSpam & SpamAssassin
- Install Bitdefender as secound line of fire for AV
- Hardening your TLS-Cipher envoirement
- F*** of with ssh/smtp-auth failures with fail2ban

**sure to be continued**
deltacomc
Posts: 11
Joined: Wed May 07, 2014 2:07 pm
How did you hear about Mailcleaner: googling

Re: How-To: Installing Mailcleaner and some goodies from scr

Postby deltacomc » Fri May 30, 2014 6:00 pm

After the freshly installation of the MailCleaner Community Edition 2013.7 do following steps on the console:

Upgrade to patchlevel

apt-get update
apt-get upgrade
cd /usr/mailcleaner
cvs -q update -dP
source lib/updates/update_binaries.sh
stabilizeBinaries
install/install_perl_libs.sh
install/install_sa.sh
/usr/mailcleaner/bin/check_db.pl --update
/etc/init.d/mailcleaner restart

Install VMWare-Tools:

aptitude install linux-headers-3.4.3

mkdir /mnt/vmware
mount /dev/cdrom /mnt/vmware/
cp /mnt/vmware/VMwareTools-9.0.5-1065307.tar.gz /tmp
umount /mnt/vmware/
cd /tmp/
tar xvfz VMwareTools-9.0.5-1065307.tar.gz
cd vmware-tools-distrib/
ls -la
./vmware-install.pl
PATH TO HEADERS /usr/src/linux-headers-2.6.33/include

Install ClamSpam, auto-update ClamSpam & SpamAssassin

sudo apt-get install curl
mkdir /sanesecurity
mkdir /sanesecurity/cache
cd /tmp
wget http://skylink.dl.sourceforge.net/proje ... 7.2.tar.gz
tar xvfz clamav-unofficial-sigs-3.7.2.tar.gz
mv clamav-unofficial-sigs-3.7.2/* /sanesecurity/
cd /sanesecurity
cp clamav-unofficial-sigs.conf clamav-unofficial-sigs.conf_org
cat /dev/null > clamav-unofficial-sigs.conf
nano clamav-unofficial-sigs.conf

PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/opt/clamav/bin"
export PATH
clam_user="clamav"
clam_group="clamav"
setmode="yes"
clam_dbs="/var/mailcleaner/spool/clamspam"
clamd_pid="/var/mailcleaner/run/clamav/clamspamd.pid"
reload_dbs="yes"
reload_opt="/usr/mailcleaner/etc/init.d/clamspamd restart"
clamd_socket="/var/mailcleaner/run/clamav/clamspamd.sock"
enable_random="yes"
min_sleep_time="60" # Default minimum is 60 seconds (1 minute).
max_sleep_time="600" # Default maximum is 600 seconds (10 minutes).
ss_dbs="
blurl.ndb
junk.ndb
jurlbl.ndb
phish.ndb
rogue.hdb
sanesecurity.ftm
scam.ndb
sigwhitelist.ign2
spamattach.hdb
spamimg.hdb
winnow.attachments.hdb
winnow_bad_cw.hdb
winnow_extended_malware.hdb
winnow_malware.hdb
winnow_malware_links.ndb
doppelstern.hdb
bofhland_cracked_URL.ndb
bofhland_malware_attach.hdb
bofhland_malware_URL.ndb
bofhland_phishing_URL.ndb
crdfam.clamav.hdb
phishtank.ndb
porcupine.ndb
"
si_dbs="
honeynet.hdb
securiteinfo.hdb
securiteinfobat.hdb
securiteinfodos.hdb
securiteinfoelf.hdb
securiteinfohtml.hdb
securiteinfooffice.hdb
securiteinfopdf.hdb
securiteinfosh.hdb
"
si_update_hours="4" # Default is 4 hours (6 update checks daily).
mbl_dbs="
mbl.ndb
"
mbl_update_hours="6" # Default is 6 hours (4 downloads daily).
rsync_connect_timeout="15"
rsync_max_time="60"
curl_connect_timeout="15"
curl_max_time="90"
work_dir="/sanesecurity/cache"
ss_dir="$work_dir/ss-dbs" # Sanesecurity sub-directory
si_dir="$work_dir/si-dbs" # SecuriteInfo sub-directory
mbl_dir="$work_dir/mbl-dbs" # MalwarePatrol sub-directory
config_dir="$work_dir/configs" # Script configs sub-directory
gpg_dir="$work_dir/gpg-key" # Sanesecurity GPG Key sub-directory
add_dir="$work_dir/add-dbs" # User defined databases sub-directory
keep_db_backup="no"
curl_silence="no" # Default is "no" to report curl statistics
rsync_silence="no" # Default is "no" to report rsync statistics
gpg_silence="no" # Default is "no" to report gpg signature status
comment_silence="no" # Default is "no" to report script comments
enable_logging="no"
log_file_path="/var/log"
log_file_name="clamav-unofficial-sigs.log"
rsync_proxy=""
curl_proxy=""
user_configuration_complete="yes"

cp /sanesecurity/clamav-unofficial-sigs.conf /etc/
cp /sanesecurity/clamav-unofficial-sigs-logrotate /etc/logrotate.d/clamav-unofficial-sigs

nano /etc/crontab
45 * * * * root /sanesecurity/clamav-unofficial-sigs.sh -c /etc/clamav-unofficial-sigs.conf >> /var/log/clamav-unofficial-sigs.log 2>&1

nano /usr/local/bin/sa-update-script.sh


#!/bin/bash
wget http://www.pccc.com/downloads/SpamAssas ... rib/KAM.cf
mv -f KAM.cf /usr/mailcleaner/share/spamassassin/KAM.cf

sa-update --nogpg \
--channel sought.rules.yerp.org \
--channel sa.sosdg.org \
--channel updates.spamassassin.org \
--channel 90_2tld.cf.sare.sa-update.dostech.net \
--updatedir /usr/mailcleaner/share/spamassassin \
&& /usr/mailcleaner/etc/init.d/mailscanner restart

chmod +x /usr/local/bin/sa-update-script.sh

nano /etc/crontab
30 1 * * * root /usr/local/bin/sa-update-script.sh > /dev/null 2>&1

Install Bitdefender as second AV-Scanner:

echo "deb http://download.bitdefender.com/repos/deb/ bitdefender non-free" >> /etc/apt/sources.list
wget -q http://download.bitdefender.com/repos/deb/bd.key.asc -O- | sudo apt-key add -
aptitude update
aptitude install bitdefender-scanner

Get a free subscription at Bitdefender and update the config file with your key id
http://www.bitdefender.de/site/Products/ScannerLicense/ (GER)
www.bitdefender.com/site/Products/ScannerLicense/ (ENG)

nano /opt/BitDefender-scanner/etc/bdscan.conf

Key = xxxxxx

nano /usr/mailcleaner/etc/mailscanner/virus.scanners.conf_template
bitdefender /opt/MailScanner/lib/bitdefender-wrapper /opt/BitDefender-scanner

/usr/mailcleaner/bin/mc_mysql -m
USE mc_config
INSERT INTO scanner (name,comm_name,active,path,installed,version,sig_version) VALUES('bitdefender', 'BitDefender', 1, '/opt/BitDefender-scanner', 1, '', '');
quit

/usr/mailcleaner/etc/init.d/mailscanner restart

/opt/BitDefender-scanner/bin/bdscan
/opt/BitDefender-scanner/bin/bdscan --update
/opt/BitDefender-scanner/bin/bdscan /root

If you get an error message do the following tasks:

rm /opt/BitDefender-scanner/var/lib/scan/bdcore.so
cat /opt/BitDefender-scanner/var/lib/scan/versions.dat.* |awk '/bdcore.so.linux/{print $3}'|while read bdcore_so;do touch /opt/BitDefender-scanner/var/lib/scan/$bdcore_so;bdscan --update;ln -s /opt/BitDefender-scanner/var/lib/scan/$bdcore_so /opt/BitDefender-scanner/var/lib/scan/bdcore.so;done
/opt/BitDefender-scanner/bin/bdscan /root

If all working flawless, make an cron-entry for updating the virus-db
nano /etc/crontab
30 */2 * * * root /opt/BitDefender-scanner/bin/bdscan --update > /dev/null 2>&1

Hardening TLS/SSL-Ciphers:

cp httpd.conf_template httpd.conf_template_org

nano /usr/mailcleaner/etc/apache/httpd.conf_template
SSLProtocol All -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSuite ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4:!ADH

Please remeber that those settings get lost if updating with regular cvs-updates

Get rich of smtp-auth failures:

aptitude install fail2ban

nano /etc/fail2ban/filter.d/exim2.conf

# Fail2Ban filter for exim
#
# This includes the rejection messages of exim. For spam and filter
# related bans use the exim-spam.conf
#


[INCLUDES]

# Read common prefixes. If any customizations available -- read them from
# exim-common.local
# before = exim-common.conf

[Definition]

failregex = \[<HOST>\]: 535 Incorrect authentication data

ignoreregex =

nano /etc/fail2ban/jail.conf

[exim2]

enabled = true
port = smtp
protocol = tcp
filter = exim2
action = iptables-repeater[name=smtp]
logpath = /var/mailcleaner/log/exim_stage1/rejectlog

nano /etc/fail2ban/action.d/iptables-repeater.conf

[Definition]

# Option: actionstart
# Notes.: command executed once at the start of Fail2Ban.
# Values: CMD
#
actionstart = iptables -N fail2ban-REPEAT-<name>
iptables -A fail2ban-REPEAT-<name> -j RETURN
iptables -I INPUT -j fail2ban-REPEAT-<name>
# set up from the static file
cat /etc/fail2ban/ip.blocklist.<name> |grep -v ^\s*#|awk '{print $1}' | while read IP; do iptables -I fail2ban-REPEAT-<name> 1 -s $IP -j DROP; done

# Option: actionstop
# Notes.: command executed once at the end of Fail2Ban
# Values: CMD
#
actionstop = iptables -D INPUT -j fail2ban-REPEAT-<name>
iptables -F fail2ban-REPEAT-<name>
iptables -X fail2ban-REPEAT-<name>

# Option: actioncheck
# Notes.: command executed once before each actionban command
# Values: CMD
#
actioncheck = iptables -n -L INPUT | grep -q fail2ban-REPEAT-<name>

# Option: actionban
# Notes.: command executed when banning an IP. Take care that the
# command is executed with Fail2Ban user rights.
# Tags: <ip> IP address
# <failures> number of failures
# <time> unix timestamp of the ban time
# Values: CMD
#
actionban = iptables -I fail2ban-REPEAT-<name> 1 -s <ip> -j DROP
# also put into the static file to re-populate after a restart
! grep -Fq <ip> /etc/fail2ban/ip.blocklist.<name> && echo "<ip> # fail2ban/$( date '+%%Y-%%m-%%d %%T' ): auto-add for repeat offender" >> /etc/fail2ban/ip.blocklist.<name>

# Option: actionunban
# Notes.: command executed when unbanning an IP. Take care that the
# command is executed with Fail2Ban user rights.
# Tags: <ip> IP address
# <failures> number of failures
# <time> unix timestamp of the ban time
# Values: CMD
#
actionunban = /bin/true

[Init]

# Defaut name of the chain
#
name = REPEAT
Last edited by deltacomc on Wed Dec 17, 2014 7:16 pm, edited 4 times in total.
deltacomc
Posts: 11
Joined: Wed May 07, 2014 2:07 pm
How did you hear about Mailcleaner: googling

Re: How-To: Installing Mailcleaner and some goodies from scr

Postby deltacomc » Fri May 30, 2014 6:42 pm

**Reserved**
seansco
Posts: 41
Joined: Fri May 30, 2014 7:21 pm
How did you hear about Mailcleaner: hmailserver forum

Re: How-To: Installing Mailcleaner and some goodies from scr

Postby seansco » Mon Jun 02, 2014 4:41 pm

Just installing mailcleaner. Thanks for this...
seansco
Posts: 41
Joined: Fri May 30, 2014 7:21 pm
How did you hear about Mailcleaner: hmailserver forum

Re: How-To: Installing Mailcleaner and some goodies from scr

Postby seansco » Mon Jun 02, 2014 4:57 pm

Found type-o
deltacomc wrote:wget http://skylink.dl.sourceforge.net/proje ... 7.2.tar.gz
tar xvfz clamav-unofficial-sigs-3.7.2.tar.gz
mv clamav-unofficial-sigs-3.7.1/* /sanesecurity/
cd /sanesecurity
cp clamav-unofficial-sigs.conf clamav-unofficial-sigs.conf_org
cat /dev/null > clamav-unofficial-sigs.conf
nano clamav-unofficial-sigs.conf


should be: mv clamav-unofficial-sigs-3.7.2/* /sanesecurity/
deltacomc
Posts: 11
Joined: Wed May 07, 2014 2:07 pm
How did you hear about Mailcleaner: googling

Re: How-To: Installing Mailcleaner and some goodies from scr

Postby deltacomc » Tue Jun 03, 2014 5:24 pm

seansco wrote:Found type-o
deltacomc wrote:wget http://skylink.dl.sourceforge.net/proje ... 7.2.tar.gz
tar xvfz clamav-unofficial-sigs-3.7.2.tar.gz
mv clamav-unofficial-sigs-3.7.1/* /sanesecurity/
cd /sanesecurity
cp clamav-unofficial-sigs.conf clamav-unofficial-sigs.conf_org
cat /dev/null > clamav-unofficial-sigs.conf
nano clamav-unofficial-sigs.conf


should be: mv clamav-unofficial-sigs-3.7.2/* /sanesecurity/


Corrected :) Thanks for this!
cglmicro
Posts: 257
Joined: Thu Mar 07, 2013 2:12 am
How did you hear about Mailcleaner: google

Re: How-To: Installing Mailcleaner and some goodies from scr

Postby cglmicro » Sun Dec 07, 2014 2:38 am

Another correction just after :

Code: Select all

chmod +x /usr/local/bin/sa-update-script.sh


should add:

Code: Select all

nano /usr/local/bin/sa-update-script.sh


Should also insert this to solve the sanesecurity update reporting an error on GPG key:

Code: Select all

sudo apt-get install curl


Get a free subscription at Bitdefender and update the config file with your key id

And any hint how to get a key ID ? I searched and can't find where to get this from BD website.
deltacomc
Posts: 11
Joined: Wed May 07, 2014 2:07 pm
How did you hear about Mailcleaner: googling

Re: How-To: Installing Mailcleaner and some goodies from scr

Postby deltacomc » Mon Dec 08, 2014 1:51 pm

cglmicro wrote:Another correction just after :

Code: Select all

......


Updated :)

Get a free subscription at Bitdefender and update the config file with your key id

And any hint how to get a key ID ? I searched and can't find where to get this from BD website.


Added Link for free subscription:
http://www.bitdefender.de/site/Products/ScannerLicense/
cglmicro
Posts: 257
Joined: Thu Mar 07, 2013 2:12 am
How did you hear about Mailcleaner: google

Re: How-To: Installing Mailcleaner and some goodies from scr

Postby cglmicro » Tue Dec 09, 2014 9:24 pm

Deltacomc, question: Shouldn't you remove the KHOP from /usr/local/bin/sa-update-script.sh ? I think it's no longer maintained.
Also, you can add KAM.CF and go with the following channels, unless you suggest something better than my setup ?


Code: Select all

nano /usr/local/bin/sa-update-script.sh


#!/bin/bash
wget http://www.pccc.com/downloads/SpamAssassin/contrib/KAM.cf
mv -f KAM.cf /usr/mailcleaner/share/spamassassin/KAM.cf

sa-update --nogpg \
--channel sought.rules.yerp.org \
--channel sa.sosdg.org \
--channel updates.spamassassin.org \
--channel 90_2tld.cf.sare.sa-update.dostech.net \
--updatedir /usr/mailcleaner/share/spamassassin \
&& /usr/mailcleaner/etc/init.d/mailscanner restart


For the link to register the BitDefender: I can't get to switch to English from their page, but you could change the link for www.bitdefender.com/site/Products/ScannerLicense/ that will be in English.
deltacomc
Posts: 11
Joined: Wed May 07, 2014 2:07 pm
How did you hear about Mailcleaner: googling

Re: How-To: Installing Mailcleaner and some goodies from scr

Postby deltacomc » Wed Dec 17, 2014 7:20 pm

cglmicro wrote:Deltacomc, question: Shouldn't you remove the KHOP from /usr/local/bin/sa-update-script.sh ? I think it's no longer maintained.
Also, you can add KAM.CF and go with the following channels, unless you suggest something better than my setup ?


Code: Select all

nano /usr/local/bin/sa-update-script.sh


#!/bin/bash
wget http://www.pccc.com/downloads/SpamAssassin/contrib/KAM.cf
mv -f KAM.cf /usr/mailcleaner/share/spamassassin/KAM.cf

sa-update --nogpg \
--channel sought.rules.yerp.org \
--channel sa.sosdg.org \
--channel updates.spamassassin.org \
--channel 90_2tld.cf.sare.sa-update.dostech.net \
--updatedir /usr/mailcleaner/share/spamassassin \
&& /usr/mailcleaner/etc/init.d/mailscanner restart


For the link to register the BitDefender: I can't get to switch to English from their page, but you could change the link for http://www.bitdefender.com/site/Product ... erLicense/ that will be in English.


Updated the code as requested, i think i will rewrite the how-to in general to get more features and updated settings .. :D
BearHub
Posts: 1
Joined: Fri Jun 19, 2015 10:08 am
How did you hear about Mailcleaner: google search

Re: How-To: Installing Mailcleaner and some goodies from scr

Postby BearHub » Fri Jun 19, 2015 10:33 am

Hey guys!

Hopefully you can help? I am trying to get Fail2Ban to work with Mailcleaner as I have hundreds of failed SMTP login / Brute Force SMTP sessions each day so want the ips to be automatically banned for a period of time.

I have followed the instructions above regarding Fail2Ban however when i try to restart/start the service i get the following error:


Status of authentication failure monitor:fail2ban is not running ... (warning).

I have narrowed it down the this piece of information, when I add the below text as stated in the instructions that when the service fails - however if I remove the text the service restart and start perfectly but obviously then does not block invalid SMTP logins.

nano /etc/fail2ban/jail.conf

[exim2]

enabled = true
port = smtp
protocol = tcp
filter = exim2
action = iptables-repeater[name=smtp]
logpath = /var/mailcleaner/log/exim_stage1/rejectlog


I'm a little confused to say the least, any help would be greatly appreciated as would like to prevent these vast login attempts/brute force attacks.

Thanks.
Colin
Posts: 23
Joined: Tue Sep 23, 2014 3:03 pm
How did you hear about Mailcleaner: Google
Location: UK

Re: How-To: Installing Mailcleaner and some goodies from scr

Postby Colin » Mon Aug 10, 2015 5:28 am

Am experiencing the exact same issue when trying to restart fail2ban:

Status of authentication failure monitor:fail2ban is not running ... (warning).

Would love some help/advice?
Colin
Posts: 23
Joined: Tue Sep 23, 2014 3:03 pm
How did you hear about Mailcleaner: Google
Location: UK

Re: How-To: Installing Mailcleaner and some goodies from scr

Postby Colin » Mon Aug 10, 2015 6:20 am

Got it to work.

I think there's some sort of formatting error if you cut and paste the

Code: Select all

iptables-repeater.conf
file contents from the post above.

I cut and pasted this version instead and it seems to work fine now.

Source: http://stuffphilwrites.com/2013/03/perm ... -fail2ban/
rajbps
Posts: 21
Joined: Thu Dec 22, 2011 11:13 pm
How did you hear about Mailcleaner: search engine

Re: How-To: Installing Mailcleaner and some goodies from scratch

Postby rajbps » Wed Sep 14, 2016 10:10 pm

Hi Team,

I have tried to installed fail2ban and came accross some difficulties and managed to get it going so just sharing my experiance.

Installed fail2ban with

aptitude install fail2ban

Now for the second bit:

nano /etc/fail2ban/filter.d/exim2.conf

# Fail2Ban filter for exim
#
# This includes the rejection messages of exim. For spam and filter
# related bans use the exim-spam.conf
#


[INCLUDES]

# Read common prefixes. If any customizations available -- read them from
# exim-common.local
# before = exim-common.conf

[Definition]

failregex = \[<HOST>\]: 535 Incorrect authentication data

ignoreregex =



Now the other one is:
nano /etc/fail2ban/jail.conf

Add the following at the end of the file :


[exim2-repeater]

enabled = true
filter = exim2
action = iptables-repeater[name=exim2]
##logpath = /var/mailcleaner/log/exim_stage1/mainlog
logpath = /var/mailcleaner/log/exim_stage1/rejectlog
maxretry = 1
findtime = 31536000
bantime = 31536000


Next :

nano /etc/fail2ban/action.d/iptables-repeater.conf

# Fail2ban configuration file
#
# Author: Phil Hagen <phil@identityvector.com>
#

[Definition]

# Option: actionstart
# Notes.: command executed once at the start of Fail2Ban.
# Values: CMD
#
actionstart = iptables -N fail2ban-REPEAT-<name>
iptables -A fail2ban-REPEAT-<name> -j RETURN
iptables -I INPUT -j fail2ban-REPEAT-<name>
# set up from the static file
cat /etc/fail2ban/ip.blocklist.<name> |grep -v ^\s*#|awk '{print $1}' | while read IP; do iptables -I fail2ban-REPEAT-<name> 1 -s $IP -j DROP; done

# Option: actionstop
# Notes.: command executed once at the end of Fail2Ban
# Values: CMD
#
actionstop = iptables -D INPUT -j fail2ban-REPEAT-<name>
iptables -F fail2ban-REPEAT-<name>
iptables -X fail2ban-REPEAT-<name>

# Option: actioncheck
# Notes.: command executed once before each actionban command
# Values: CMD
#
actioncheck = iptables -n -L INPUT | grep -q fail2ban-REPEAT-<name>

# Option: actionban
# Notes.: command executed when banning an IP. Take care that the
# command is executed with Fail2Ban user rights.
# Tags: <ip> IP address
# <failures> number of failures
# <time> unix timestamp of the ban time
# Values: CMD
#
actionban = iptables -I fail2ban-REPEAT-<name> 1 -s <ip> -j DROP
# also put into the static file to re-populate after a restart
! grep -Fq <ip> /etc/fail2ban/ip.blocklist.<name> && echo "<ip> # fail2ban/$( date '+%%Y-%%m-%%d %%T' ): auto-add for repeat offender" >> /etc/fail2ban/ip.blocklist.<name>

# Option: actionunban
# Notes.: command executed when unbanning an IP. Take care that the
# command is executed with Fail2Ban user rights.
# Tags: <ip> IP address
# <failures> number of failures
# <time> unix timestamp of the ban time
# Values: CMD
#
actionunban = /bin/true

[Init]

# Defaut name of the chain
#
name = REPEAT


Next, i created an empty file in

nano /etc/fail2ban/ip.blocklist.exim2

Now reboot and everything should work. I can see the file ip.blocklist.exim2 getting updated.

Example is :
202.65.138.2 # fail2ban/2016-09-14 10:06:29: auto-add for repeat offender
93.174.93.46 # fail2ban/2016-09-14 13:22:24: auto-add for repeat offender
37.18.172.171 # fail2ban/2016-09-14 16:01:06: auto-add for repeat offender
211.110.127.207 # fail2ban/2016-09-14 16:34:31: auto-add for repeat offender
185.29.8.141 # fail2ban/2016-09-14 16:35:42: auto-add for repeat offender
148.251.65.25 # fail2ban/2016-09-14 18:51:51: auto-add for repeat offender

This worked for me.

Also get some help with google search link below:

http://www.miguelcoa.cl/blog/2016/04/15 ... ilcleaner/

Hope this helps someone else :-)

Rajbps
Renovatio
Posts: 5
Joined: Fri Nov 17, 2017 4:49 pm
How did you hear about Mailcleaner: Google

Re: How-To: Installing Mailcleaner and some goodies from scratch

Postby Renovatio » Sun Nov 19, 2017 2:34 am

rajbps wrote:Hi Team,

I have tried to installed fail2ban and came accross some difficulties and managed to get it going so just sharing my experiance.

(...)

Rajbps


Thanks a lot for sharing this, exactly what I was searching for :D

Return to “Tips”

Who is online

Users browsing this forum: No registered users and 1 guest