Autofirewall for Linux MTA running postfix

I have written a perl program that protects a Linux MTA running postfix.

The program snifs on /var/log/mail. If a host is doing something wrong/illigal he will be blocked for 24 hours.

Three illigal attemps in 20 minutes trickers a drop action in iptables.

Installation:

  1. Download the file autofirewall.pl
  2. Edit user and password for access to mysql in the file.
  3. Get sql definitions file autofirewall.sql
  4. Do “chmod 555 autofirewall.pl”
  5. Do autofirewall.sql in mysql or MariaDB
  6. Add “*/10 * * * * /sti/til/autofirewall.pl > /sti/til/en/log.fil” to roots crontab
  7. Your MTA is now ptrotected against brute force attacks.

Update 2016/01/14:

Minor fixes and new function applied that restores the firewall after firewall flush or system reboot.