Add bcc and dontsend capabilities to xarf-login-attack action #2924
Conversation
|
Just by the way, please note an amendment to PR description: -xarf-login-attack-local[mailargs=%(mailargs)s,mailcmd=%(mailcmd)s,bcc=%(bcc)s,dontsend=%(dontsend)s]
+xarf-login-attack-local[mailargs=%(mailargs)s,mailcmd=%(mailcmd)s,bcc="%(bcc)s",dontsend="%(dontsend)s"]without quotes it would supply wrong (truncated) arguments to the action. |
Why it should be redundant (now)? I don't see any code piece that could solve #2372, which could occur again if you would remove this "redundant" operation. |
|
@sebres thanks for your comment. I have tested extensively without the suggested double-quotes and have no experienced truncation of the arguments, verified by dumping the received arguments to a tempfile for debugging. Can you please point me in the direction what I'm failing to understand? |
Address concerns re fail2ban#2372.
as you can see As for "not experienced truncation", it is a matter of sequence, so how (or rather when exactly) - [..., dontsend=%(dontsend)s]
+ [..., dontsend=( 'one@address.com' 'two@address.com' 'three@address.com')]But... trying this: I see it is indeed correct, so space (alone) is not a separator anymore at least in last version (I changed this extractOptions several times). |
This PR provides the ability to specify an optional bcc for the generated abuse emails. It also provides the ability to provide an array of abuse addresses for which no email should be generated. This solves the problem of published abuse addresses which bounce the mail back to the sender or, as in the case of lacnicnet, say that they cannot assist because the are a regional allocation registry.
The dontsend array is specified in jail.local as:
The bcc is specified in jail.local as:
bcc = someaddress@myhost.comThen xarf-login-attack is called as usual, with either of the new optional parameters passed as desired:
I also removed a redundant IFS operation on $ADDRESSES.
Resolves #2919 and #2920 .