Rouven Seifert
85e6ebbc29
some people have legimitate interest in accessing our services via tor in case of abuse out of these networks this commit can be reverted
28 lines
520 B
Nix
28 lines
520 B
Nix
{ config, lib, pkgs, ... }:
|
|
{
|
|
services.fail2ban = {
|
|
enable = true;
|
|
ignoreIP = [
|
|
"141.30.0.0/16"
|
|
"141.76.0.0/16"
|
|
];
|
|
bantime-increment = {
|
|
enable = true;
|
|
};
|
|
|
|
jails = {
|
|
dovecot = ''
|
|
enabled = true
|
|
# aggressive mode to add blocking for aborted connections
|
|
filter = dovecot[mode=aggressive]
|
|
maxretry = 3
|
|
'';
|
|
postfix = ''
|
|
enabled = true
|
|
filter = postfix[mode=aggressive]
|
|
maxretry = 3
|
|
'';
|
|
};
|
|
};
|
|
}
|