[Pkg-exim4-users] Exim not playing with Fail2Ban on Debian Wheezy i386

Just Ian superian at gmail.com
Sun Jun 8 13:45:20 UTC 2014


Interestingly, if I create a new DigitalOcean Debian 7/32 droplet and just do...

root@twilts:~# history
1 apt-get update
2 apt-get upgrade
3 shutdown now -r

(one of the updates was the kernel)

4 adduser ian

(this is who root and postmaster will be aliased to at step 6)

4 apt-get install joe exim4 fail2ban
5 jstar /etc/fail2ban/jail.local

/etc/fail2ban/jail.local:

[DEFAULT]

ignoreip = 127.0.0.1/8
destemail = ian@example.com
findtime = 600

bantime = 86400
banaction = iptables-multiport
action = %(action_mwl)s

mta=sendmail

# JAILS
[ssh]
enabled = true

6 dpkg-reconfigure exim4-config

/etc/exim4/update-exim4.conf.conf:

# /etc/exim4/update-exim4.conf.conf
#
# Edit this file and /etc/mailname by hand and execute update-exim4.conf
# yourself or use 'dpkg-reconfigure exim4-config'
#
# Please note that this is _not_ a dpkg-conffile and that automatic changes
# to this file might happen. The code handling this will honor your local
# changes, so this is usually fine, but will break local schemes that mess
# around with multiple versions of the file.
#
# update-exim4.conf uses this file to determine variable values to generate
# exim configuration macros for the configuration file.
#
# Most settings found in here do have corresponding questions in the
# Debconf configuration, but not all of them.
#
# This is a Debian specific file

dc_eximconfig_configtype='internet'
dc_other_hostnames=''
dc_local_interfaces='127.0.0.1'
dc_readhost=''
dc_relay_domains=''
dc_minimaldns='false'
dc_relay_nets=''
dc_smarthost=''
CFILEMODE='644'
dc_use_split_config='false'
dc_hide_mailname=''
dc_mailname_in_oh='true'
dc_localdelivery='mail_spool'

7 service fail2ban restart

.. it works. But I really can't see what makes the difference - the
exim4 conf is the same and the fail2ban conf is smaller (only one jail
rather than several), but the critical bits are the same. The
/usr/sbin/sendmail binaries have the same MD5 hash too. I can even add
the UFW firewall and block everything from coming in except OpenSSH,
and it still works.

  Ian


