From 0712f02d409ea8eec0aa6b32d02a05e5ce80cf11 Mon Sep 17 00:00:00 2001
From: Rouven Seifert <rouven@rfive.de>
Date: Thu, 19 Oct 2023 14:24:11 +0200
Subject: [PATCH] fail2ban: setup postfix and dovecot

---
 modules/fail2ban.nix | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/modules/fail2ban.nix b/modules/fail2ban.nix
index f9d8183..1e4da49 100644
--- a/modules/fail2ban.nix
+++ b/modules/fail2ban.nix
@@ -9,6 +9,17 @@
         bantime = 25h
         action = iptables-allports[name=fail2banTOR, protocol=all]
       '';
+      dovecot = ''
+        enabled = true
+        # aggressive mode to add blocking for aborted connections
+        filter = dovecot[mode=aggressive]
+        maxretry = 3
+      '';
+      postfix = ''
+        enabled = true
+        filter = postfix[mode=aggressive]
+        maxretry = 3
+      '';
     };
   };