ClearFoundation Tracker - ClearOS |
| View Issue Details |
|
| ID | Project | Category | View Status | Date Submitted | Last Update |
| 0022261 | ClearOS | app-imap - IMAP and POP Server | public | 2018-11-07 02:32 | 2019-05-03 02:00 |
|
| Reporter | NickH | |
| Assigned To | NickH | |
| Priority | normal | Severity | minor | Reproducibility | always |
| Status | closed | Resolution | fixed | |
| Platform | | OS | | OS Version | |
| Product Version | 7.5.0 Updates | |
| Target Version | | Fixed in Version | 7.5.0 Updates | |
|
| Summary | 0022261: Cyrus-imap jail does not protect POP/POPS |
| Description | It looks like there is an upstream bug with the curus-imap protection. Cyrus-imap provided POP and IMAP services. In fail2ban, the filter /etc/fail2ban/filter.d/cyrus-imap.conf detects failed POP, POPS, IMAP and IMAPS logins, but the jail is constructed with the line:
port = imap,imaps
So when a ban is triggered, only the IMAP and IMAPS ports are blocked leaving you still open on POP/POPS
It should be simple to drop our own override into /etc/fail2ban/jail.d/clearos-cyrus-imap.conf just by adding the line:
port = imap,imaps,pop3,pop3s
This bug also relates to https://tracker.clearos.com/view.php?id=9551 [^] |
| Steps To Reproduce | |
| Additional Information | |
| Tags | No tags attached. |
| Relationships | | related to | 0009551 | closed | NickH | The worng port is being blocked by the cyrus-imap and postfix-sasl jails |
|
| Attached Files | |
|
| Issue History |
| Date Modified | Username | Field | Change |
| 2018-11-07 02:32 | NickH | New Issue | |
| 2018-11-07 03:13 | NickH | Description Updated | bug_revision_view_page.php?rev_id=2331#r2331 |
| 2018-11-07 06:15 | user2 | Status | new => confirmed |
| 2018-11-08 11:40 | user2 | Category | app-attack-detector - Attack Detector => app-imap - IMAP and POP Server |
| 2018-11-08 11:48 | user2 | Relationship added | related to 0009551 |
| 2018-11-10 09:00 | marclaporte | Note Added: 0008581 | |
| 2019-01-15 04:05 | NickH | Note Added: 0008781 | |
| 2019-01-15 04:05 | NickH | Assigned To | => NickH |
| 2019-01-15 04:05 | NickH | Status | confirmed => assigned |
| 2019-02-01 12:26 | NickH | Status | assigned => resolved |
| 2019-02-01 12:26 | NickH | Fixed in Version | => 7.5.0 Updates |
| 2019-02-01 12:26 | NickH | Resolution | open => fixed |
| 2019-05-03 02:00 | NickH | Status | resolved => closed |