Gecko [ www.thearyasamaj.org ]

Name	Size	Permission
ignorecommands	[ DIR ]	drwxr-xr-x
3proxy.conf	467 B	-rw-r--r--
apache-auth.conf	3.15 KB	-rw-r--r--
apache-badbots.conf	2.76 KB	-rw-r--r--
apache-botsearch.conf	1.24 KB	-rw-r--r--
apache-common.conf	1.58 KB	-rw-r--r--
apache-fakegooglebot.conf	324 B	-rw-r--r--
apache-modsecurity.conf	511 B	-rw-r--r--
apache-nohome.conf	596 B	-rw-r--r--
apache-noscript.conf	1.22 KB	-rw-r--r--
apache-overflows.conf	2.13 KB	-rw-r--r--
apache-pass.conf	362 B	-rw-r--r--
apache-shellshock.conf	1020 B	-rw-r--r--
assp.conf	3.41 KB	-rw-r--r--
asterisk.conf	2.31 KB	-rw-r--r--
bitwarden.conf	427 B	-rw-r--r--
botsearch-common.conf	522 B	-rw-r--r--
centreon.conf	307 B	-rw-r--r--
common.conf	2.71 KB	-rw-r--r--
counter-strike.conf	244 B	-rw-r--r--
courier-auth.conf	429 B	-rw-r--r--
courier-smtp.conf	512 B	-rw-r--r--
cyrus-imap.conf	444 B	-rw-r--r--
directadmin.conf	338 B	-rw-r--r--
domino-smtp.conf	2.06 KB	-rw-r--r--
dovecot.conf	2.4 KB	-rw-r--r--
dropbear.conf	1.69 KB	-rw-r--r--
drupal-auth.conf	557 B	-rw-r--r--
ejabberd-auth.conf	1.54 KB	-rw-r--r--
exim-common.conf	516 B	-rw-r--r--
exim-spam.conf	2.11 KB	-rw-r--r--
exim.conf	2.81 KB	-rw-r--r--
freeswitch.conf	1.88 KB	-rw-r--r--
froxlor-auth.conf	1.18 KB	-rw-r--r--
gitlab.conf	236 B	-rw-r--r--
grafana.conf	388 B	-rw-r--r--
groupoffice.conf	236 B	-rw-r--r--
gssftpd.conf	322 B	-rw-r--r--
guacamole.conf	1.41 KB	-rw-r--r--
haproxy-http-auth.conf	1.14 KB	-rw-r--r--
horde.conf	404 B	-rw-r--r--
kerio.conf	938 B	-rw-r--r--
lighttpd-auth.conf	333 B	-rw-r--r--
mongodb-auth.conf	2.23 KB	-rw-r--r--
monit.conf	787 B	-rw-r--r--
murmur.conf	927 B	-rw-r--r--
mysqld-auth.conf	953 B	-rw-r--r--
nagios.conf	400 B	-rw-r--r--
named-refused.conf	1.46 KB	-rw-r--r--
nginx-botsearch.conf	681 B	-rw-r--r--
nginx-http-auth.conf	485 B	-rw-r--r--
nginx-limit-req.conf	1.42 KB	-rw-r--r--
nsd.conf	760 B	-rw-r--r--
openhab.conf	452 B	-rw-r--r--
openwebmail.conf	495 B	-rw-r--r--
oracleims.conf	1.89 KB	-rw-r--r--
pam-generic.conf	947 B	-rw-r--r--
perdition.conf	568 B	-rw-r--r--
php-url-fopen.conf	891 B	-rw-r--r--
phpmyadmin-syslog.conf	278 B	-rw-r--r--
portsentry.conf	242 B	-rw-r--r--
postfix.conf	3.09 KB	-rw-r--r--
proftpd.conf	1.14 KB	-rw-r--r--
pure-ftpd.conf	2.35 KB	-rw-r--r--
qmail.conf	795 B	-rw-r--r--
recidive.conf	1.34 KB	-rw-r--r--
roundcube-auth.conf	1.46 KB	-rw-r--r--
screensharingd.conf	821 B	-rw-r--r--
selinux-common.conf	538 B	-rw-r--r--
selinux-ssh.conf	570 B	-rw-r--r--
sendmail-auth.conf	776 B	-rw-r--r--
sendmail-reject.conf	2.88 KB	-rw-r--r--
sieve.conf	371 B	-rw-r--r--
slapd.conf	706 B	-rw-r--r--
softethervpn.conf	451 B	-rw-r--r--
sogo-auth.conf	722 B	-rw-r--r--
solid-pop3d.conf	1.07 KB	-rw-r--r--
squid.conf	260 B	-rw-r--r--
squirrelmail.conf	191 B	-rw-r--r--
sshd.conf	7.34 KB	-rw-r--r--
stunnel.conf	363 B	-rw-r--r--
suhosin.conf	649 B	-rw-r--r--
tine20.conf	890 B	-rw-r--r--
traefik-auth.conf	2.33 KB	-rw-r--r--
uwimap-auth.conf	374 B	-rw-r--r--
vsftpd.conf	637 B	-rw-r--r--
webmin-auth.conf	444 B	-rw-r--r--
wuftpd.conf	520 B	-rw-r--r--
xinetd-fail.conf	521 B	-rw-r--r--
znc-adminlog.conf	912 B	-rw-r--r--
zoneminder.conf	524 B	-rw-r--r--

Name

Size

Permission

Action

ignorecommands

[ DIR ]

drwxr-xr-x

3proxy.conf

467 B

-rw-r--r--

apache-auth.conf

3.15 KB

-rw-r--r--

apache-badbots.conf

2.76 KB

-rw-r--r--

apache-botsearch.conf

1.24 KB

-rw-r--r--

apache-common.conf

1.58 KB

-rw-r--r--

apache-fakegooglebot.conf

324 B

-rw-r--r--

apache-modsecurity.conf

511 B

-rw-r--r--

apache-nohome.conf

596 B

-rw-r--r--

apache-noscript.conf

1.22 KB

-rw-r--r--

apache-overflows.conf

2.13 KB

-rw-r--r--

apache-pass.conf

362 B

-rw-r--r--

apache-shellshock.conf

1020 B

-rw-r--r--

assp.conf

3.41 KB

-rw-r--r--

asterisk.conf

2.31 KB

-rw-r--r--

bitwarden.conf

427 B

-rw-r--r--

botsearch-common.conf

522 B

-rw-r--r--

centreon.conf

307 B

-rw-r--r--

common.conf

2.71 KB

-rw-r--r--

counter-strike.conf

244 B

-rw-r--r--

courier-auth.conf

429 B

-rw-r--r--

courier-smtp.conf

512 B

-rw-r--r--

cyrus-imap.conf

444 B

-rw-r--r--

directadmin.conf

338 B

-rw-r--r--

domino-smtp.conf

2.06 KB

-rw-r--r--

dovecot.conf

2.4 KB

-rw-r--r--

dropbear.conf

1.69 KB

-rw-r--r--

drupal-auth.conf

557 B

-rw-r--r--

ejabberd-auth.conf

1.54 KB

-rw-r--r--

exim-common.conf

516 B

-rw-r--r--

exim-spam.conf

2.11 KB

-rw-r--r--

exim.conf

2.81 KB

-rw-r--r--

freeswitch.conf

1.88 KB

-rw-r--r--

froxlor-auth.conf

1.18 KB

-rw-r--r--

gitlab.conf

236 B

-rw-r--r--

grafana.conf

388 B

-rw-r--r--

groupoffice.conf

236 B

-rw-r--r--

gssftpd.conf

322 B

-rw-r--r--

guacamole.conf

1.41 KB

-rw-r--r--

haproxy-http-auth.conf

1.14 KB

-rw-r--r--

horde.conf

404 B

-rw-r--r--

kerio.conf

938 B

-rw-r--r--

lighttpd-auth.conf

333 B

-rw-r--r--

mongodb-auth.conf

2.23 KB

-rw-r--r--

monit.conf

787 B

-rw-r--r--

murmur.conf

927 B

-rw-r--r--

mysqld-auth.conf

953 B

-rw-r--r--

nagios.conf

400 B

-rw-r--r--

named-refused.conf

1.46 KB

-rw-r--r--

nginx-botsearch.conf

681 B

-rw-r--r--

nginx-http-auth.conf

485 B

-rw-r--r--

nginx-limit-req.conf

1.42 KB

-rw-r--r--

nsd.conf

760 B

-rw-r--r--

openhab.conf

452 B

-rw-r--r--

openwebmail.conf

495 B

-rw-r--r--

oracleims.conf

1.89 KB

-rw-r--r--

pam-generic.conf

947 B

-rw-r--r--

perdition.conf

568 B

-rw-r--r--

php-url-fopen.conf

891 B

-rw-r--r--

phpmyadmin-syslog.conf

278 B

-rw-r--r--

portsentry.conf

242 B

-rw-r--r--

postfix.conf

3.09 KB

-rw-r--r--

proftpd.conf

1.14 KB

-rw-r--r--

pure-ftpd.conf

2.35 KB

-rw-r--r--

qmail.conf

795 B

-rw-r--r--

recidive.conf

1.34 KB

-rw-r--r--

roundcube-auth.conf

1.46 KB

-rw-r--r--

screensharingd.conf

821 B

-rw-r--r--

selinux-common.conf

538 B

-rw-r--r--

selinux-ssh.conf

570 B

-rw-r--r--

sendmail-auth.conf

776 B

-rw-r--r--

sendmail-reject.conf

2.88 KB

-rw-r--r--

sieve.conf

371 B

-rw-r--r--

slapd.conf

706 B

-rw-r--r--

softethervpn.conf

451 B

-rw-r--r--

sogo-auth.conf

722 B

-rw-r--r--

solid-pop3d.conf

1.07 KB

-rw-r--r--

squid.conf

260 B

-rw-r--r--

squirrelmail.conf

191 B

-rw-r--r--

sshd.conf

7.34 KB

-rw-r--r--

stunnel.conf

363 B

-rw-r--r--

suhosin.conf

649 B

-rw-r--r--

tine20.conf

890 B

-rw-r--r--

traefik-auth.conf

2.33 KB

-rw-r--r--

uwimap-auth.conf

374 B

-rw-r--r--

vsftpd.conf

637 B

-rw-r--r--

webmin-auth.conf

444 B

-rw-r--r--

wuftpd.conf

520 B

-rw-r--r--

xinetd-fail.conf

521 B

-rw-r--r--

znc-adminlog.conf

912 B

-rw-r--r--

zoneminder.conf

524 B

-rw-r--r--

Code Editor : sendmail-reject.conf

# Fail2Ban filter for sendmail spam/relay type failures
#
# Some of the below failregex will only work properly, when the following
# options are set in the .mc file (see your Sendmail documentation on how
# to modify it and generate the corresponding .cf file):
#
# FEATURE(`delay_checks')
# FEATURE(`greet_pause', `500')
# FEATURE(`ratecontrol', `nodelay', `terminate')
# FEATURE(`conncontrol', `nodelay', `terminate')
#
# ratecontrol and conncontrol also need corresponding options ClientRate:
# and ClientConn: in the access file, see documentation for ratecontrol and
# conncontrol in the sendmail/cf/README file.

[INCLUDES]

before = common.conf

[Definition]

_daemon = (?:(sm-(mta|acceptingconnections)|sendmail))
__prefix_line = %(known/__prefix_line)s(?:\w{14,20}: )?
addr = (?:IPv6:<IP6>|<IP4>)

prefregex = ^<F-MLFID>%(__prefix_line)s</F-MLFID><F-CONTENT>.+</F-CONTENT>$

cmnfailre = ^ruleset=check_rcpt, arg1=(?P<email><\S+@\S+>), relay=(\S+ )?\[%(addr)s\](?: $may be forged$)?, reject=(550 5\.7\.1 (?P=email)\.\.\. Relaying denied\. (IP name possibly forged \[(\d+\.){3}\d+\]|Proper authentication required\.|IP name lookup failed \[(\d+\.){3}\d+\])|553 5\.1\.8 (?P=email)\.\.\. Domain of sender address \S+ does not exist|550 5\.[71]\.1 (?P=email)\.\.\. (Rejected: .*|User unknown))$
            ^ruleset=check_relay, arg1=(?P<dom>\S+), arg2=%(addr)s, relay=((?P=dom) )?\[(\d+\.){3}\d+\](?: $may be forged$)?, reject=421 4\.3\.2 (Connection rate limit exceeded\.|Too many open connections\.)$
            ^rejecting commands from (\S* )?\[%(addr)s\] due to pre-greeting traffic after \d+ seconds$
            ^(?:\S+ )?\[%(addr)s\]: (?:(?i)expn|vrfy) \S+ \[rejected\]$
            ^<[^@]+@[^>]+>\.\.\. No such user here$
            ^<F-NOFAIL>from=<[^@]+@[^>]+></F-NOFAIL>, size=\d+, class=\d+, nrcpts=\d+, bodytype=\w+, proto=E?SMTP, daemon=MTA, relay=\S+ \[%(addr)s\]$

mdre-normal =

mdre-extra = ^(?:\S+ )?\[%(addr)s\](?: $may be forged$)? did not issue \S+ during connection

mdre-aggressive = %(mdre-extra)s

failregex = %(cmnfailre)s
            <mdre-<mode>>

# Parameter "mode": normal (default), extra or aggressive
# Usage example (for jail.local):
#   [sendmail-reject]
#   filter = sendmail-reject[mode=extra]
#
mode = normal

ignoreregex =

journalmatch = SYSLOG_IDENTIFIER=sm-mta + _SYSTEMD_UNIT=sendmail.service

# DEV NOTES:
# 
# Regarding the multiline regex:
#
# "No such user" lines generate a failure and needs to be matched together with
# another line with the HOST, therefore no-failure line was added as regex, that
# contains HOST (see line with tag <F-NOFAIL>).
#
# Note the capture <F-MLFID>, includes both the __prefix_lines (which includes
# the sendmail PID), but also the `\w{14}` which the the sendmail assigned 
# mail ID (todo: check this is necessary, possible obsolete).
#
# Author: Daniel Black, Fabian Wenk and Sergey Brester aka sebres.
# Rewritten using prefregex by Serg G. Brester.

${this.title}

Code Editor : sendmail-reject.conf