| Anonymous | Login | 2024-11-21 04:01 MST |
| Main | My View | View Issues | Change Log | Roadmap | Repositories |
| View Revisions: Issue #22261 | [ All Revisions ] [ Back to Issue ] | ||
| Summary | 0022261: Cyrus-imap jail does not protect POP/POPS | ||
| Revision | 2018-11-07 03:13 by NickH | ||
| Description | It looks like there is an upstream bug with the curus-imap protection. Cyrus-imap provided POP and IMAP services. In fail2ban, the filter /etc/fail2ban/filter.d/cyrus-imap.conf detects failed POP, POPS, IMAP and IMAPS logins, but the jail is constructed with the line: port = imap,imaps So when a ban is triggered, only the IMAP and IMAPS ports are blocked leaving you still open on POP/POPS It should be simple to drop our own override into /etc/fail2ban/jail.d/clearos-cyrus-imap.conf just by adding the line: port = imap,imaps,pop3,pop3s This bug also relates to https://tracker.clearos.com/view.php?id=9551 [^] |
||
| Revision | 2018-11-07 02:32 by NickH | ||
| Description | It looks like there is an upstream bug with the curus-imap protection. Cyrus-imap provided POP and IMAP services. In fail2ban, the filter /etc/fail2ban/filter.d/cyrus-imap.conf detects failed POP, POPS, IMAP and IMAPS logins, but the jail is constructed with the line: port = imap,imaps So when a ban is triggered, only the IMAP and IMAPS ports are blocked leaving you still open on POP/POPS It should be simple to drop our own override into /etc/fail2ban/jail.d/clearos-cyrus-imap.conf just by adding the line: port = imap,imaps,pop3,pop3s |
||