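[DEFAULT]

#
# MISCELLANEOUS OPTIONS
#

# "ignoreip" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban
# will not ban a host which matches an address in this list. Several addresses
# can be defined using space (and/or comma) separator.
#
# Review notes on the list below:
#  - Every entry is exempt from ALL jails, so a compromised host inside one of
#    these ranges is never banned. Keep the list as narrow as the site allows;
#    the RFC 1918 and link-local ranges exempt every internal host.
#  - "afterdark.org.uk" is a DNS name: whatever address the name resolves to is
#    exempt, so the exemption is only as trustworthy as that DNS record.
#    Prefer literal addresses where they are stable.
#  - 5.101.171.210/28 has host bits set (the enclosing /28 starts at
#    5.101.171.208). Confirm whether the whole /28 or only the single host is
#    intended.
ignoreip = 127.0.0.1/8,::1 10.0.0.0/8,169.254.0.0/16,172.16.0.0/12,192.168.0.0/16 5.101.171.210/28,2a01:a500:2981:1::/64 91.109.244.7,91.109.244.8,91.109.244.9,91.109.244.10,91.109.244.11,2a02:2498:1:227::/64 88.80.191.137,2a01:7e00::f03c:93ff:fe86:afae 185.176.90.169,2a07:4580:b0d:57f::169 afterdark.org.uk

# "bantime" is how long a host stays banned. A plain number is seconds; the
# value here uses a time abbreviation (2d = two days), which needs a fail2ban
# release that accepts abbreviations. Use plain seconds on older releases.
bantime = 2d

# A host is banned if it has generated "maxretry" failures during the last
# "findtime" window (8h = eight hours; same abbreviation caveat as "bantime").
findtime = 8h

# "maxretry" is the number of failures before a host gets banned.
maxretry = 3

# "usedns" specifies if jails should trust hostnames in logs,
# warn when DNS lookups are performed, or ignore all hostnames in logs
#
# yes:   if a hostname is encountered, a DNS lookup will be performed.
# warn:  if a hostname is encountered, a DNS lookup will be performed,
#        but it will be logged as a warning.
# no:    if a hostname is encountered, it will not be used for banning,
#        but it will be logged as info.
# raw:   use the raw value (no hostname); allows use with no-host
#        filters/actions (for example, matching on a user).
#
# NOTE(review): "yes" bans whatever address a logged hostname resolves to, and
# that mapping is controlled by the owner of the DNS record, not by this host.
# The stock jail.conf ships "warn". If the monitored services log IP addresses
# rather than hostnames, "no" removes the dependency on DNS entirely.
usedns = yes

#
# ACTIONS
#

# Some options used for actions

# Destination email address used solely for the interpolations in
# jail.{conf,local,d/*} configuration files.
# FIXME: Set correct destination address.
# Only one definition may be active: fail2ban reads this file with Python's
# configparser, where a repeated key is an error in strict mode and last-wins
# otherwise. The alternative address stays commented out until the FIXME is
# resolved.
#destemail = sysadmin@slackware.network
destemail = sysadmin@afterdark.org.uk

# Sender email address used solely for some actions
# FIXME: Set the correct sender address.
# Same single-definition rule as "destemail" above.
#sender = noreply@slackware.network
sender = noreply@afterdark.org.uk

#
# JAILS
#

# FIXME: Enable the correct jails for host.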
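# Each section below is one jail. Options not set here are inherited from
# [DEFAULT] and from the distribution's jail.conf.

# IMAP/POP3 logins (disabled).
[dovecot]
enabled = no
filter = dovecot
port = imap2,imaps,pop3,pop3s
logpath = /var/log/imapd
mode = normal

# SMTP authentication and abuse (disabled).
[exim]
enabled = no
filter = exim
port = smtp,smtps,submission
logpath = /var/log/smtp
mode = normal

# FTP logins (disabled).
[proftpd]
enabled = no
filter = proftpd
port = ftp,ftps
# The monitored file is set with "logpath". A key named "logfile" is not a
# jail option, so the jail would silently keep its inherited default path and
# never read this file.
logpath = /var/log/ftpd

# Roundcube webmail logins (disabled).
[roundcube]
enabled = no
filter = roundcube-auth
port = http,https
# Must be "logpath" for the same reason as in [proftpd].
logpath = /data/sites/webmail.slackware.network/logs/roundcube/userlogins.log
# Higher than the [DEFAULT] maxretry of 3.
maxretry = 10

# SSH logins (the only jail enabled in this file).
[sshd]
# Modes are: normal (default), ddos, extra or aggressive (combines all).
enabled = yes
filter = sshd
# NOTE(review): the ban only covers the ports listed here; confirm that 9922
# is the additional port sshd actually listens on.
port = ssh,9922
mode = aggressive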