From 9dab8f4f04efd6cfd0a07d86404c2536b68d2517 Mon Sep 17 00:00:00 2001
From: Alberto Bertogli <albertito@blitiri.com.ar>
Date: Sun, 17 Nov 2024 10:25:58 +0000
Subject: [PATCH] etc: Add fail2ban filter configuration example

This patch adds a fail2ban filter configuration example for chasquid.

It can be used to configure fail2ban to detect IPs causing connection
churn or high rate of errors.
---
 etc/fail2ban/filter.d/chasquid.conf | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 etc/fail2ban/filter.d/chasquid.conf

diff --git a/etc/fail2ban/filter.d/chasquid.conf b/etc/fail2ban/filter.d/chasquid.conf
new file mode 100644
index 0000000..b5c6e2e
--- /dev/null
+++ b/etc/fail2ban/filter.d/chasquid.conf
@@ -0,0 +1,11 @@
+# fail2ban filter config for chasquid SMTP server.
+[INCLUDES]
+before = common.conf
+
+[Definition]
+# Identify addresses that triggered an SMTP connection error.
+failregex = SMTP.Conn <ADDR>:\d+: error:
+
+[Init]
+journalmatch = _SYSTEMD_UNIT=chasquid.service
+