On Fri, 22 May 2020, Jerry wrote:
On Thu, 21 May 2020 23:22:04 -0700, lists stated:
I use SSHGuard on well ssh (doh!), but supposedly you can use it for
postfix and dovecot also. I can tell you it is well supported. I am
on Centos 7 using firewalld.
SSHGuard works fairly well with Postfix; however, it is virtually
useless with Dovecot. It never picks up on "auth fail" and a few
others. I have submitted documentation and requests to SSHGuard, but
they have never acted upon them, other than to say that they will look
into it.
That's the beauty of open source -- if you got time and skillz, you
can roll up your sleeves and do it yourself. I peeked at the source,
and it requires some Lex/Yacc coding. Even if you don't have those
codng skills, you can probably make a good guess by looking at the
.l/.y files.
The authors can make it a lot easier to extend if they externalize the
patterns into runtime configuration like fail2ban does, rather than
baking them into executables.
Joseph Tam <jtam.h...@gmail.com>
