[Fwd: Re: CentOS + Kolab + Fail2Ban + IMAP]

Skale, Franz i.bin at dah.am
Fri May 11 11:00:31 CEST 2018


Hi,
Therefore i disabled guam and have written my own fail2ban rules 
(Postfix, cyrus, roundcube).
Also, the current guam version isn't stable. I posted a strace some time 
ago. (Orphaned threads).
It's quite easy to disable guam !
Disable the service (systemctl disable guam.service).
Change /etc/cyrus.conf to bind to the relevant ports. (disabling guam).
E.g:
# UNIX sockets start with a slash and are put into /var/lib/imap/sockets
SERVICES {
     # add or remove based on preferences
     imap        cmd="imapd" listen="hostname.domain.com:imap" prefork=10
     imaps        cmd="imapd -s -T 660" 
listen="hostname.domain.com:imaps" prefork=10
     pop3        cmd="pop3d" listen="hostname.domain.com:pop3" prefork=5
     pop3s        cmd="pop3d -s -T 660" 
listen="hostname.domain.com:pop3s" prefork=5
     sieve        cmd="timsieved" listen="hostname.domain.com:sieve" 
prefork=0

     imaplocal        cmd="imapd" listen="localhost:imap" prefork=10
     imapslocal        cmd="imapd -s -T 660" listen="localhost:imaps" 
prefork=10
     pop3local        cmd="pop3d" listen="localhost:pop3" prefork=5
     pop3slocal        cmd="pop3d -s -T 660" listen="localhost:pop3s" 
prefork=5
     sievelocal        cmd="timsieved" listen="localhost:sieve" prefork=0

     ptloader    cmd="ptloader -d9" 
listen="/var/lib/imap/ptclient/ptsock" prefork=1

     # these are only necessary if receiving/exporting usenet via NNTP
     #nntp        cmd="nntpd" listen="nntp" prefork=3
     #nntps        cmd="nntpd -s" listen="nntps" prefork=1

     # at least one LMTP is required for delivery
     #lmtp        cmd="lmtpd" listen="lmtp" prefork=0
     lmtpunix    cmd="lmtpd" listen="/var/lib/imap/socket/lmtp" prefork=1

     # this is only necessary if using notifications
     notify    cmd="notifyd" listen="/var/lib/imap/socket/notify" 
proto="udp" prefork=1
}

Rgds.
Franz


Am 2018-05-10 21:00, schrieb ladas:
> Hi everybody.
> 
> Yes, that is the problem. I can see that some user try to log in with
> no success, but IP address is localhost 172.0.0.1 And this is not
> possible to use for fail2ban. I need to get correct source IP address
> of the client to be possible to use it in a firewall rule.
> 
> Greetings,
> ladas
> 
> Aleksander Machniak píše v Čt 10. 05. 2018 v 20:21 +0200:
> 
>> On 05/10/2018 08:12 PM, Mihai Badici wrote:
>>> If not, you should set $config['log_logins'] = true; in
>>> /etc/roundcubemail/config.inc.php
>> The question was about IMAP. What webmail does is irrelevant. ps. I
>> don't know if Guam implements any options to log the IP or pass the
>> real IP to cyrus.
> _______________________________________________
> users mailing list
> users at lists.kolab.org
> https://lists.kolab.org/mailman/listinfo/users


More information about the users mailing list