[Netfilter] Punish failed logins to /rspamd

master
andryyy 2019-10-12 13:15:59 +02:00
parent 0089f72f3d
commit 2811b498ab
No known key found for this signature in database
GPG Key ID: 8EC34FF2794E25EF
1 changed files with 2 additions and 1 deletions

View File

@ -35,7 +35,8 @@ RULES[3] = '-login: Aborted login \(tried to use disallowed .+\): user=.+, rip=(
RULES[4] = 'SOGo.+ Login from \'([0-9a-f\.:]+)\' for user .+ might not have worked' RULES[4] = 'SOGo.+ Login from \'([0-9a-f\.:]+)\' for user .+ might not have worked'
RULES[5] = 'mailcow UI: Invalid password for .+ by ([0-9a-f\.:]+)' RULES[5] = 'mailcow UI: Invalid password for .+ by ([0-9a-f\.:]+)'
RULES[6] = '([0-9a-f\.:]+) \"GET \/SOGo\/.* HTTP.+\" 403 .+' RULES[6] = '([0-9a-f\.:]+) \"GET \/SOGo\/.* HTTP.+\" 403 .+'
#RULES[7] = '-login: Aborted login \(no auth .+\): user=.+, rip=([0-9a-f\.:]+), lip.+' RULES[7] = 'Rspamd UI: Invalid password by ([0-9a-f\.:]+)'
#RULES[8] = '-login: Aborted login \(no auth .+\): user=.+, rip=([0-9a-f\.:]+), lip.+'
WHITELIST = [] WHITELIST = []
BLACKLIST= [] BLACKLIST= []