How to renew the SSL certificates for dovecot and postfix

Make a backup of the existing SSL key and certificate file

cd /etc/pki/dovecot
cp -a certs/dovecot.pem certs/dovecot.pem.old
cp -a private/dovecot.pem private/dovecot.pem.old

Create the new SSL certificate for two years:

openssl genrsa -out private/dovecot.pem 1024
openssl req -new -x509 -key private/dovecot.pem -out certs/dovecot.pem -days 730

Restart Dovecot and Postfix

sudo systemctl restart dovecot
sudo systemctl restart postfix

Check the start and end dates for the certificate:

openssl x509 -dates -in certs/dovecot.pem

Custom fail2ban filters using regexp

fail2Ban is a very handy tool to prevent a lot of unwanted traffic from consuming bandwidth on your servers. It’s a very small and relatively simple IDS Type Tool that comes with some predefined Filters to automatically lockout potentially dangerous or bandwidth-consuming type attacks.

Creating a Custom Filter

/etc/fail2ban/filter.d/custom.conf
[Definition]
 
badagents = 360Spider|ZmEu|Auto Spider 1.0|zgrab/[0-9]*\.[0-9a-zA-Z]*|Wget\(.*\)|MauiBot.*
 
failregex = ^.+?:\d+ <HOST> -.*"(GET|POST|HEAD).*HTTP.*(?:%(badagents)s)"$
 
ignoreregex =

Testing

fail2ban-regex /path-to-samples/sample.log /etc/fail2ban/filter.d/custom.conf

Jail example

[apache-custom]
enabled  = true
logpath  = /var/log/apache*/access.log
		   /var/log/apache*/ssl_access.log
action   = iptables-ipset-proto4[name=Custom, port=1010, protocol=tcp]
findtime = 86400
bantime  = -1
maxretry = 1