NAME

       Mail::MtPolicyd::Plugin::Fail2Ban - mtpolicyd plugin to block an address with fail2ban

VERSION

       version 2.02

DESCRIPTION

       This plugin can be used to block an ip with iptable thru the fail2ban daemon.

       For more information abount fail2ban read:

       http://www.fail2ban.org/

       This plugin will directly talk to the daemon thru the unix domain socket and execute an
       banip command:

         set <JAIL> banip <IP>

PARAMETERS

       socket (default: /var/run/fail2ban/fail2ban.sock)
           Path to the fail2ban unix socket.

           Make sure mtpolicyd is allowed to write to this socket!

       jail (default: postfix)
           The jail in which the ip should be banned.

EXAMPLE

       Execute a ban on all client-ips which send a mail with a score of >=15:

         <Plugin ScoreBan>
           module = "ScoreAction"
           threshold = 15
           <Plugin ban-ip>
             module = "Fail2Ban"
             socket = "/var/run/fail2ban/fail2ban.sock"
             jail = "postfix"
           </Plugin>
         </Plugin>

FAIL2BAN CONFIGURATION

       To allow mtpolicyd to access fail2ban you must make sure fail2ban can write to the
       fail2ban unix socket.

         chgrp mtpolicyd /var/run/fail2ban/fail2ban.sock
         chmod g+rwx /var/run/fail2ban/fail2ban.sock

       You may want to add this to the fail2ban startup script.

       You may want to use the predefined postfix jail.  To activate it create
       /etc/fail2ban/jail.local and enable the postfix fail by setting enabled=true.

         [postfix]
         enabled = true

AUTHOR

       Markus Benning <ich@markusbenning.de>

COPYRIGHT AND LICENSE

       This software is Copyright (c) 2014 by Markus Benning <ich@markusbenning.de>.

       This is free software, licensed under:

         The GNU General Public License, Version 2, June 1991