Stats

  • Category: misc
  • License: GNU Affero General Public License (AGPL) version 3
  • Updated: 2012-3-31
  • Downloads: 1161

Releases

Author Recommended: 2012-03-30

Previous releases:

Other Projects

Marco Gabriel's projects:

1

Recommendations

Summary:

Integrate Zarafa in fail2ban and secure your installation against attacks

Full description:

On many Zarafa installations it is possible to access mail from external IPs by using port forwarding or dmz setups. If you watch your logs, you'll most probably find some brute force attacks on imap, pop3 or other ports which is not only very annoying, it is a security risk if a user has a weak password.

Fail2ban is a log file parser which acts to attacks by setting a firewall rule for the attacking ip and a defined time. If more than 3 logins within a short time from the same ip were unsuccessful, fail2ban bans that ip for 10 minutes. As you can configure the ban time and the fail counter, you can make your Zarafa installation much more secure.

This project provides the necessary scripts and configs to include Zarafa in fail2ban.

 

Release notes:

- This release just takes care of zarafa-gateway as this is the most attacked component (imap, pop3)

- The install.sh is made for debian/ubuntu. On other distributions, you might need to follow the manual installation.

Some feedback:

  • You should use jail.local instead of modifying jail.conf directly
  • The provided config is too overweight for normal Zarafa systems

 

Valentin Höbel 592 days ago

What do you mean by "too overweight for normal Zarafa systems"?

Marco Gabriel 485 days ago