[prev in list] [next in list] [prev in thread] [next in thread]
List: kolab-users
Subject: Re: [Fwd: Re: CentOS + Kolab + Fail2Ban + IMAP]
From: "L.Slanina" <ladas () seznam ! cz>
Date: 2018-05-14 21:09:59
Message-ID: 1526332199.16339.19.camel () seznam ! cz
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Hi everybody.
Sorry for late answer, I was outside of my office.
Thank you Franz for advice. At the beginning it seems complicated, but
at the end copy/paste and a bit modifications and it works! I found
correct IPs' at maillog so it works with fail2ban too which was my
target. Thank you very much for help.
Greetings, ladas
Skale, Franz píše v Pá 11. 05. 2018 v 11:00 +0200:
> Hi,
> Therefore i disabled guam and have written my own fail2ban rules
> (Postfix, cyrus, roundcube).
> Also, the current guam version isn't stable. I posted a strace some
> time
> ago. (Orphaned threads).
> It's quite easy to disable guam !
> Disable the service (systemctl disable guam.service).
> Change /etc/cyrus.conf to bind to the relevant ports. (disabling
> guam).
> E.g:
> # UNIX sockets start with a slash and are put into
> /var/lib/imap/sockets
> SERVICES {
> # add or remove based on preferences
> imap cmd="imapd" listen="hostname.domain.com:imap"
> prefork=10
> imaps cmd="imapd -s -T 660"
> listen="hostname.domain.com:imaps" prefork=10
> pop3 cmd="pop3d" listen="hostname.domain.com:pop3"
> prefork=5
> pop3s cmd="pop3d -s -T 660"
> listen="hostname.domain.com:pop3s" prefork=5
> sieve cmd="timsieved" listen="hostname.domain.com:sieve"
> prefork=0
>
> imaplocal cmd="imapd" listen="localhost:imap" prefork=10
> imapslocal cmd="imapd -s -T 660"
> listen="localhost:imaps"
> prefork=10
> pop3local cmd="pop3d" listen="localhost:pop3" prefork=5
> pop3slocal cmd="pop3d -s -T 660"
> listen="localhost:pop3s"
> prefork=5
> sievelocal cmd="timsieved" listen="localhost:sieve"
> prefork=0
>
> ptloader cmd="ptloader -d9"
> listen="/var/lib/imap/ptclient/ptsock" prefork=1
>
> # these are only necessary if receiving/exporting usenet via
> NNTP
> #nntp cmd="nntpd" listen="nntp" prefork=3
> #nntps cmd="nntpd -s" listen="nntps" prefork=1
>
> # at least one LMTP is required for delivery
> #lmtp cmd="lmtpd" listen="lmtp" prefork=0
> lmtpunix cmd="lmtpd" listen="/var/lib/imap/socket/lmtp"
> prefork=1
>
> # this is only necessary if using notifications
> notify cmd="notifyd" listen="/var/lib/imap/socket/notify"
> proto="udp" prefork=1
> }
>
> Rgds.
> Franz
>
>
> Am 2018-05-10 21:00, schrieb ladas:
> >
> > Hi everybody.
> >
> > Yes, that is the problem. I can see that some user try to log in
> > with
> > no success, but IP address is localhost 172.0.0.1 And this is not
> > possible to use for fail2ban. I need to get correct source IP
> > address
> > of the client to be possible to use it in a firewall rule.
> >
> > Greetings,
> > ladas
> >
> > Aleksander Machniak píše v Čt 10. 05. 2018 v 20:21 +0200:
> >
> > >
> > > On 05/10/2018 08:12 PM, Mihai Badici wrote:
> > > >
> > > > If not, you should set $config['log_logins'] = true; in
> > > > /etc/roundcubemail/config.inc.php
> > > The question was about IMAP. What webmail does is irrelevant. ps.
> > > I
> > > don't know if Guam implements any options to log the IP or pass
> > > the
> > > real IP to cyrus.
> > _______________________________________________
> > users mailing list
> > users@lists.kolab.org
> > https://lists.kolab.org/mailman/listinfo/users
> _______________________________________________
> users mailing list
> users@lists.kolab.org
> https://lists.kolab.org/mailman/listinfo/users
[Attachment #5 (text/html)]
<html><head></head><body><div>Hi everybody.</div><div><br></div><div>Sorry for late \
answer, I was outside of my office.</div><div>Thank you Franz for advice. At the \
beginning it seems complicated, but at the end copy/paste and a bit modifications and \
it works! I found correct IPs' at maillog so it works with fail2ban too which was my \
target. Thank you very much for help.</div><div><br></div><div>Greetings, \
ladas</div><div><br></div><div>Skale, Franz píše v Pá 11. 05. 2018 v 11:00 \
+0200:</div><blockquote type="cite"><pre>Hi, Therefore i disabled guam and have \
written my own fail2ban rules (Postfix, cyrus, roundcube).
Also, the current guam version isn't stable. I posted a strace some time
ago. (Orphaned threads).
It's quite easy to disable guam !
Disable the service (systemctl disable guam.service).
Change /etc/cyrus.conf to bind to the relevant ports. (disabling guam).
E.g:
# UNIX sockets start with a slash and are put into /var/lib/imap/sockets
SERVICES {
# add or remove based on preferences
imap cmd="imapd" listen="hostname.domain.com:imap" prefork=10
imaps cmd="imapd -s -T 660"
listen="hostname.domain.com:imaps" prefork=10
pop3 cmd="pop3d" listen="hostname.domain.com:pop3" prefork=5
pop3s cmd="pop3d -s -T 660"
listen="hostname.domain.com:pop3s" prefork=5
sieve cmd="timsieved" listen="hostname.domain.com:sieve"
prefork=0
imaplocal cmd="imapd" listen="localhost:imap" prefork=10
imapslocal cmd="imapd -s -T 660" listen="localhost:imaps"
prefork=10
pop3local cmd="pop3d" listen="localhost:pop3" prefork=5
pop3slocal cmd="pop3d -s -T 660" listen="localhost:pop3s"
prefork=5
sievelocal cmd="timsieved" listen="localhost:sieve" prefork=0
ptloader cmd="ptloader -d9"
listen="/var/lib/imap/ptclient/ptsock" prefork=1
# these are only necessary if receiving/exporting usenet via NNTP
#nntp cmd="nntpd" listen="nntp" prefork=3
#nntps cmd="nntpd -s" listen="nntps" prefork=1
# at least one LMTP is required for delivery
#lmtp cmd="lmtpd" listen="lmtp" prefork=0
lmtpunix cmd="lmtpd" listen="/var/lib/imap/socket/lmtp" prefork=1
# this is only necessary if using notifications
notify cmd="notifyd" listen="/var/lib/imap/socket/notify"
proto="udp" prefork=1
}
Rgds.
Franz
Am 2018-05-10 21:00, schrieb ladas:
<blockquote type="cite">
Hi everybody.
Yes, that is the problem. I can see that some user try to log in with
no success, but IP address is localhost 172.0.0.1 And this is not
possible to use for fail2ban. I need to get correct source IP address
of the client to be possible to use it in a firewall rule.
Greetings,
ladas
Aleksander Machniak píše v Čt 10. 05. 2018 v 20:21 +0200:
<blockquote type="cite">
On 05/10/2018 08:12 PM, Mihai Badici wrote:
<blockquote type="cite">
If not, you should set $config['log_logins'] = true; in
/etc/roundcubemail/config.inc.php
</blockquote>
The question was about IMAP. What webmail does is irrelevant. ps. I
don't know if Guam implements any options to log the IP or pass the
real IP to cyrus.
</blockquote>
_______________________________________________
users mailing list
<a href="mailto:users@lists.kolab.org">users@lists.kolab.org</a>
<a href="https://lists.kolab.org/mailman/listinfo/users">https://lists.kolab.org/mailman/listinfo/users</a>
</blockquote>
_______________________________________________
users mailing list
<a href="mailto:users@lists.kolab.org">users@lists.kolab.org</a>
<a href="https://lists.kolab.org/mailman/listinfo/users">https://lists.kolab.org/mailman/listinfo/users</a></pre></blockquote></body></html>
_______________________________________________
users mailing list
users@lists.kolab.org
https://lists.kolab.org/mailman/listinfo/users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic