ClearFoundation Tracker - ClearOS
View Issue Details
0022261ClearOSapp-imap - IMAP and POP Serverpublic2018-11-07 02:322019-05-03 02:00
NickH 
NickH 
normalminoralways
closedfixed 
7.5.0 Updates 
7.5.0 Updates 
0022261: Cyrus-imap jail does not protect POP/POPS
It looks like there is an upstream bug with the curus-imap protection. Cyrus-imap provided POP and IMAP services. In fail2ban, the filter /etc/fail2ban/filter.d/cyrus-imap.conf detects failed POP, POPS, IMAP and IMAPS logins, but the jail is constructed with the line:
port = imap,imaps

So when a ban is triggered, only the IMAP and IMAPS ports are blocked leaving you still open on POP/POPS

It should be simple to drop our own override into /etc/fail2ban/jail.d/clearos-cyrus-imap.conf just by adding the line:
port = imap,imaps,pop3,pop3s

This bug also relates to https://tracker.clearos.com/view.php?id=9551 [^]
No tags attached.
related to 0009551closed NickH The worng port is being blocked by the cyrus-imap and postfix-sasl jails 
Issue History
2018-11-07 02:32NickHNew Issue
2018-11-07 03:13NickHDescription Updatedbug_revision_view_page.php?rev_id=2331#r2331
2018-11-07 06:15user2Statusnew => confirmed
2018-11-08 11:40user2Categoryapp-attack-detector - Attack Detector => app-imap - IMAP and POP Server
2018-11-08 11:48user2Relationship addedrelated to 0009551
2018-11-10 09:00marclaporteNote Added: 0008581
2019-01-15 04:05NickHNote Added: 0008781
2019-01-15 04:05NickHAssigned To => NickH
2019-01-15 04:05NickHStatusconfirmed => assigned
2019-02-01 12:26NickHStatusassigned => resolved
2019-02-01 12:26NickHFixed in Version => 7.5.0 Updates
2019-02-01 12:26NickHResolutionopen => fixed
2019-05-03 02:00NickHStatusresolved => closed

Notes
(0008581)
marclaporte   
2018-11-10 09:00   
Related commit and build
https://gitlab.com/clearos/clearfoundation/app-imap/commit/e96d2305a2b4a926c5f90f2aa007b1a1f3d2315f [^]
http://koji.clearos.com/koji/buildinfo?buildID=2527 [^]
(0008781)
NickH   
2019-01-15 04:05   
Also commit
https://gitlab.com/clearos/clearfoundation/app-imap/commit/e43b1f27072def7227d14bd1cd7aaeb911974089 [^]