Both sides previous revision
Previous revision
Next revision
|
Previous revision
|
internet:mail:mailcleaner_csf [2021/06/09 11:23] gcooper |
internet:mail:mailcleaner_csf [2024/01/12 06:15] (current) gcooper |
<note>CSF and this howto are probably **most beneficial when using MailCleaner as a bastion host** with a public IP address. If you are running your MailCleaner privately behind a NAT firewall and port-forwarding, this may not be worth the trouble for you. If you build a MailCleaner cluster, you may want to implement CSF clustering as well.</note> | <note>CSF and this howto are probably **most beneficial when using MailCleaner as a bastion host** with a public IP address. If you are running your MailCleaner privately behind a NAT firewall and port-forwarding, this may not be worth the trouble for you. If you build a MailCleaner cluster, you may want to implement CSF clustering as well.</note> |
| |
===== Disable MailCleaner Firewall ===== | ===== Disable Old Services ===== |
| |
| <note warning>Has Mailcleaner changed and made this section inaccurate?</note> |
| |
| ==== Disable Firewall ==== |
| |
<file> | <file> |
<file> | <file> |
/usr/mailcleaner/etc/init.d/firewall stop | /usr/mailcleaner/etc/init.d/firewall stop |
/usr/mailcleaner/etc/init.d/fail2ban stop | |
systemctl disable firewalld.service | systemctl disable firewalld.service |
| </file> |
| |
| ==== Disable Fail2Ban ==== |
| |
| <file> |
| vim /usr/mailcleaner/etc/init.d/fail2ban |
| </file> |
| |
| Add at the top below ''#! /bin/sh'' and the initial comments: |
| |
| <file> |
| # We will use LFD for log file monitoring, so exiting this script |
| logger "MailCleaner fail2ban disabled in /usr/mailcleaner/etc/init.d/fail2ban" |
| exit 0 |
| </file> |
| |
| <file> |
| /usr/mailcleaner/etc/init.d/fail2ban stop |
systemctl disable fail2ban.service | systemctl disable fail2ban.service |
</file> | </file> |