Marco Gabriel's projects:
Integrate Zarafa in fail2ban and secure your installation against attacks
On many Zarafa installations it is possible to access mail from external IPs by using port forwarding or dmz setups. If you watch your logs, you'll most probably find some brute force attacks on imap, pop3 or other ports which is not only very annoying, it is a security risk if a user has a weak password.
Fail2ban is a log file parser which acts to attacks by setting a firewall rule for the attacking ip and a defined time. If more than 3 logins within a short time from the same ip were unsuccessful, fail2ban bans that ip for 10 minutes. As you can configure the ban time and the fail counter, you can make your Zarafa installation much more secure.
This project provides the necessary scripts and configs to include Zarafa in fail2ban.
- This release just takes care of zarafa-gateway as this is the most attacked component (imap, pop3)
- The install.sh is made for debian/ubuntu. On other distributions, you might need to follow the manual installation.
Valentin Höbel 924 days ago