403Webshell
Server IP : 158.247.231.215  /  Your IP : 216.73.217.84
Web Server : Apache/2.4.41 (Ubuntu)
System : Linux CTMS 5.4.0-216-generic #236-Ubuntu SMP Fri Apr 11 19:53:21 UTC 2025 x86_64
User : www-data ( 33)
PHP Version : 8.0.30
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : OFF  |  Sudo : ON  |  Pkexec : ON
Directory :  /etc/fail2ban/filter.d/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /etc/fail2ban/filter.d/exim-spam.conf
# Fail2Ban filter for exim the spam rejection messages
#
# Honeypot traps are very useful for fighting spam. You just activate an email
# address on your domain that you do not intend to use at all, and that normal
# people do not risk to try for contacting you. It may be something that 
# spammers often test. You can also hide the address on a web page to be picked
# by spam spiders. Or simply parse your mail logs for an invalid address 
# already being frequently targeted by spammers. Enable the address and 
# redirect it to the blackhole. In Exim's alias file, you would add the 
# following line (assuming the address is honeypot@yourdomain.com):
#
# honeypot:  :blackhole:
#
# For the SA: Action: silently tossed message... to be logged exim's SAdevnull option needs to be used.
#
# To this filter use the jail.local should contain in the right jail:
#
# filter = exim-spam[honeypot=honeypot@yourdomain.com]
#

[INCLUDES]

# Read common prefixes. If any customizations available -- read them from
# exim-common.local
before = exim-common.conf

[Definition]

failregex =  ^%(pid)s \S+ F=(<>|\S+@\S+) %(host_info)srejected by local_scan\(\): .{0,256}$
             ^%(pid)s %(host_info)sF=(<>|[^@]+@\S+) rejected RCPT [^@]+@\S+: .*dnsbl.*\s*$
             ^%(pid)s \S+ %(host_info)sF=(<>|[^@]+@\S+) rejected after DATA: This message contains a virus \(\S+\)\.\s*$
             ^%(pid)s \S+ SA: Action: flagged as Spam but accepted: score=\d+\.\d+ required=\d+\.\d+ \(scanned in \d+/\d+ secs \| Message-Id: \S+\)\. From \S+ \(host=\S+ \[<HOST>\]\) for <honeypot>$
             ^%(pid)s \S+ SA: Action: silently tossed message: score=\d+\.\d+ required=\d+\.\d+ trigger=\d+\.\d+ \(scanned in \d+/\d+ secs \| Message-Id: \S+\)\. From \S+ \(host=(\S+ )?\[<HOST>\]\) for \S+$

ignoreregex = 

[Init]

# Option:  honeypot
# Notes.:  honeypot is an email address that isn't published anywhere that a
#          legitimate email sender would send email too.
# Values:  email address

honeypot = trap@example.com

# DEV Notes:
# The %(host_info) defination contains a <HOST> match
#
# Author: Cyril Jaquier
#         Daniel Black (rewrote with strong regexs)

Youez - 2016 - github.com/yon3zu
LinuXploit