[DEFAULT]

#
# ACTIONS
#

# Default banning action (e.g. iptables, iptables-new,
# iptables-multiport, shorewall, etc) It is used to define
# action_* variables. Can be overridden globally or per
# section within jail.local file
##banaction = iptables-multiport
banaction = ip64tables-multiport

## - Note:
## - sendmail-only-ban must be configured. See action.d/sendmail-only-ban.local
## -
action_m = %(banaction)s[name=%(__name__)s, port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
              %(mta)s-only-ban_unban[name=%(__name__)s, dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"]

## - Choose default action
## -
action = %(action_m)s
#action = %(action_)s


[sshd]

enabled  = true
port     = ssh
filter   = sshd
logpath  = /var/log/auth.log
findtime = 600
maxretry = 6
bantime = 86400


[postfix-sasl]

enabled  = true
port     = smtp,465,submission
#port     = smtp,465,submission,143,imaps,pop3,pop3s
filter   = postfix-sasl
# You might consider monitoring /var/log/mail.warn instead if you are
# running postfix since it would provide the same log lines at the
# "warn" level but overall at the smaller filesize.
logpath  = /var/log/mail.warn
findtime = 60
maxretry = 10
bantime = 3600


[dovecot-pop3imap]

enabled = true
filter = dovecot-pop3imap
port = pop3,pop3s,143,imaps
protocol = tcp
#action = ip64tables-multiport[name=dovecot-pop3imap, port="pop3,pop3s,143,imaps", protocol=tcp]
logpath = /var/log/dovecot/dovecot.log
maxretry = 20
findtime = 1200
bantime = 1200