| Anonymous | Login | 2024-11-21 01:36 MST |
| Main | My View | View Issues | Change Log | Roadmap | Repositories |
| View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||
| ID | Project | Category | View Status | Date Submitted | Last Update | ||||
| 0022261 | ClearOS | app-imap - IMAP and POP Server | public | 2018-11-07 02:32 | 2019-05-03 02:00 | ||||
| Reporter | NickH | ||||||||
| Assigned To | NickH | ||||||||
| Priority | normal | Severity | minor | Reproducibility | always | ||||
| Status | closed | Resolution | fixed | ||||||
| Platform | OS | OS Version | |||||||
| Product Version | 7.5.0 Updates | ||||||||
| Target Version | Fixed in Version | 7.5.0 Updates | |||||||
| Summary | 0022261: Cyrus-imap jail does not protect POP/POPS | ||||||||
| Description | It looks like there is an upstream bug with the curus-imap protection. Cyrus-imap provided POP and IMAP services. In fail2ban, the filter /etc/fail2ban/filter.d/cyrus-imap.conf detects failed POP, POPS, IMAP and IMAPS logins, but the jail is constructed with the line: port = imap,imaps So when a ban is triggered, only the IMAP and IMAPS ports are blocked leaving you still open on POP/POPS It should be simple to drop our own override into /etc/fail2ban/jail.d/clearos-cyrus-imap.conf just by adding the line: port = imap,imaps,pop3,pop3s This bug also relates to https://tracker.clearos.com/view.php?id=9551 [^] | ||||||||
| Tags | No tags attached. | ||||||||
| Attached Files | |||||||||
 Relationships |
||||||
|
||||||
 Relationships |
|
Notes |
|
|
(0008581) marclaporte (manager) 2018-11-10 09:00 |
Related commit and build https://gitlab.com/clearos/clearfoundation/app-imap/commit/e96d2305a2b4a926c5f90f2aa007b1a1f3d2315f [^] http://koji.clearos.com/koji/buildinfo?buildID=2527 [^] |
|
(0008781) NickH (developer) 2019-01-15 04:05 |
Also commit https://gitlab.com/clearos/clearfoundation/app-imap/commit/e43b1f27072def7227d14bd1cd7aaeb911974089 [^] |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2018-11-07 02:32 | NickH | New Issue | |
| 2018-11-07 03:13 | NickH | Description Updated | View Revisions |
| 2018-11-07 06:15 | user2 | Status | new => confirmed |
| 2018-11-08 11:40 | user2 | Category | app-attack-detector - Attack Detector => app-imap - IMAP and POP Server |
| 2018-11-08 11:48 | user2 | Relationship added | related to 0009551 |
| 2018-11-10 09:00 | marclaporte | Note Added: 0008581 | |
| 2019-01-15 04:05 | NickH | Note Added: 0008781 | |
| 2019-01-15 04:05 | NickH | Assigned To | => NickH |
| 2019-01-15 04:05 | NickH | Status | confirmed => assigned |
| 2019-02-01 12:26 | NickH | Status | assigned => resolved |
| 2019-02-01 12:26 | NickH | Fixed in Version | => 7.5.0 Updates |
| 2019-02-01 12:26 | NickH | Resolution | open => fixed |
| 2019-05-03 02:00 | NickH | Status | resolved => closed |
|
Issue History |