The following lines were added (+) and removed (-):
===== jail.conf / jail.local =====Configuration for Fail2ban on a Redhat/Fedora/CentOS style distribution. This is using fail2ban with dovecot 2.x (versions 2 and above) - filtering and pattern matching.Comments in jail.conf clearly warn against modifications in jail.conf. Put your customizations in a jail.local file or a jail.d/customisation.local #configuration files: ./fail2ban cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local#regex filters: ./fail2ban/filter.d vi /etc/fail2ban/jail.local#action file (do/block): ./fail2ban/action.d First edit the dovecot.conf filter file. vi ./fail2ban/[[sample-filter.d|filter.d]] Next edit the postfix-sasl.conf and iptables-multiport-tcp.conf action files. vi ./fail2ban/filter.d/[[sample-postfix-sasl.conf|postfix-sasl.conf]] vi ./fail2ban/action.d/[[sample-iptables-multiport-tcp.conf|iptables-multiport-tcp.conf]] Do not directly edit jail.conf. Comments in jail.conf clearly warn against modifications in jail.conf. Put your customizations in a jail.local file or a jail.d/customisation.local cp ./fail2ban/jail.conf ./fail2ban/jail.local vi ./fail2ban/[[sample-jail.local|jail.local]]*filter: Refers to the appropriate filter file in "/etc/fail2ban/filter.d".*filter: Refers to the appropriate filter file in "./fail2ban/filter.d". ignoreip = 127.0.0.1 192.168.254.0/24Set the IP addresses of trusted hosts for fail2ban to ignore. Replace the 192x non-routable with the address of your machine or network. You can also add other trusted networks. Put your mom's IP address in there because sometimes she gets her password wrong more than 3 times in a row!