I asume that you have a fuly functional SCROLLOUT F1 instalation and you want to add spambot blocking feature.
Ad the following line to /etc/apt/sources list
deb http://ftp.debian.org/debian unstable main
Then run
apt-get update
apt-get -t unstable install fail2ban
cd /etc/fail2ban
cp jail.conf jail.local
Edit jail.local
[postfix]
enabled = true
port = smtp,ssmtp
filter = postfix
logpath = /var/log/mail.log
maxretry = 2
bantime = 7200
Edit /etc/fail2ban/filter.d/postfix.conf
failregex = reject: RCPT from (.*)\[\]: 450 4.7.1
reject: RCPT from (.*)\[\]: 554 5.7.1
reject: RCPT from (.*)\[\]: 550 5.1.1
reject: RCPT from (.*)\[\]:\d{5}: 550 5.5.1
Then run
service fail2ban restart
To check if it is working run:
fail2ban-client status postfix
iptables -L -n
You can play with following parameters:
maxretry, bantime, findtime
Do not forget:
- always edit jail.local instead of jail.conf (this way you don not risk to stay outside if software is updated
- put your trusted IP addresses in ignoreip