From c1129be4e77b959132cdb54cec8581063042a86b Mon Sep 17 00:00:00 2001
From: nbenedek <contact@nbenedek.me>
Date: Thu, 17 Nov 2022 20:17:10 +0100
Subject: [PATCH] email: dovecot: Add fail2ban jail

I tested this patch on a production server. When trying to authenticate with
Thunderbird, the program will try to log in three times, then disconnect from
the server. This means that one failed login attempt will be logged as four
attempts. For this reason, set maxretry to be 30.

The IP block only affects dovecot, other services are still reachable.

Signed-off-by: nbenedek <contact@nbenedek.me>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
---
 .../email/data/etc/fail2ban/jail.d/dovecot-freedombox.conf     | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 plinth/modules/email/data/etc/fail2ban/jail.d/dovecot-freedombox.conf

diff --git a/plinth/modules/email/data/etc/fail2ban/jail.d/dovecot-freedombox.conf b/plinth/modules/email/data/etc/fail2ban/jail.d/dovecot-freedombox.conf
new file mode 100644
index 000000000..456bcf164
--- /dev/null
+++ b/plinth/modules/email/data/etc/fail2ban/jail.d/dovecot-freedombox.conf
@@ -0,0 +1,3 @@
+[dovecot]
+enabled = true
+maxretry = 30