[Fwd: Re: CentOS + Kolab + Fail2Ban + IMAP]
L.Slanina
ladas at seznam.cz
Mon May 14 23:09:59 CEST 2018
Hi everybody.
Sorry for late answer, I was outside of my office.
Thank you Franz for advice. At the beginning it seems complicated, but
at the end copy/paste and a bit modifications and it works! I found
correct IPs' at maillog so it works with fail2ban too which was my
target. Thank you very much for help.
Greetings, ladas
Skale, Franz píše v Pá 11. 05. 2018 v 11:00 +0200:
> Hi,
> Therefore i disabled guam and have written my own fail2ban rules
> (Postfix, cyrus, roundcube).
> Also, the current guam version isn't stable. I posted a strace some
> time
> ago. (Orphaned threads).
> It's quite easy to disable guam !
> Disable the service (systemctl disable guam.service).
> Change /etc/cyrus.conf to bind to the relevant ports. (disabling
> guam).
> E.g:
> # UNIX sockets start with a slash and are put into
> /var/lib/imap/sockets
> SERVICES {
> # add or remove based on preferences
> imap cmd="imapd" listen="hostname.domain.com:imap"
> prefork=10
> imaps cmd="imapd -s -T 660"
> listen="hostname.domain.com:imaps" prefork=10
> pop3 cmd="pop3d" listen="hostname.domain.com:pop3"
> prefork=5
> pop3s cmd="pop3d -s -T 660"
> listen="hostname.domain.com:pop3s" prefork=5
> sieve cmd="timsieved" listen="hostname.domain.com:sieve"
> prefork=0
>
> imaplocal cmd="imapd" listen="localhost:imap" prefork=10
> imapslocal cmd="imapd -s -T 660"
> listen="localhost:imaps"
> prefork=10
> pop3local cmd="pop3d" listen="localhost:pop3" prefork=5
> pop3slocal cmd="pop3d -s -T 660"
> listen="localhost:pop3s"
> prefork=5
> sievelocal cmd="timsieved" listen="localhost:sieve"
> prefork=0
>
> ptloader cmd="ptloader -d9"
> listen="/var/lib/imap/ptclient/ptsock" prefork=1
>
> # these are only necessary if receiving/exporting usenet via
> NNTP
> #nntp cmd="nntpd" listen="nntp" prefork=3
> #nntps cmd="nntpd -s" listen="nntps" prefork=1
>
> # at least one LMTP is required for delivery
> #lmtp cmd="lmtpd" listen="lmtp" prefork=0
> lmtpunix cmd="lmtpd" listen="/var/lib/imap/socket/lmtp"
> prefork=1
>
> # this is only necessary if using notifications
> notify cmd="notifyd" listen="/var/lib/imap/socket/notify"
> proto="udp" prefork=1
> }
>
> Rgds.
> Franz
>
>
> Am 2018-05-10 21:00, schrieb ladas:
> >
> > Hi everybody.
> >
> > Yes, that is the problem. I can see that some user try to log in
> > with
> > no success, but IP address is localhost 172.0.0.1 And this is not
> > possible to use for fail2ban. I need to get correct source IP
> > address
> > of the client to be possible to use it in a firewall rule.
> >
> > Greetings,
> > ladas
> >
> > Aleksander Machniak píše v Čt 10. 05. 2018 v 20:21 +0200:
> >
> > >
> > > On 05/10/2018 08:12 PM, Mihai Badici wrote:
> > > >
> > > > If not, you should set $config['log_logins'] = true; in
> > > > /etc/roundcubemail/config.inc.php
> > > The question was about IMAP. What webmail does is irrelevant. ps.
> > > I
> > > don't know if Guam implements any options to log the IP or pass
> > > the
> > > real IP to cyrus.
> > _______________________________________________
> > users mailing list
> > users at lists.kolab.org
> > https://lists.kolab.org/mailman/listinfo/users
> _______________________________________________
> users mailing list
> users at lists.kolab.org
> https://lists.kolab.org/mailman/listinfo/users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kolab.org/pipermail/users/attachments/20180514/720efe63/attachment.html>
More information about the users
mailing list