ClearOS Bug Tracker

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0022261ClearOSapp-imap - IMAP and POP Serverpublic2018-11-07 02:322019-05-03 02:00
Assigned ToNickH 
PlatformOSOS Version
Product Version7.5.0 Updates 
Target VersionFixed in Version7.5.0 Updates 
Summary0022261: Cyrus-imap jail does not protect POP/POPS
DescriptionIt looks like there is an upstream bug with the curus-imap protection. Cyrus-imap provided POP and IMAP services. In fail2ban, the filter /etc/fail2ban/filter.d/cyrus-imap.conf detects failed POP, POPS, IMAP and IMAPS logins, but the jail is constructed with the line:
port = imap,imaps

So when a ban is triggered, only the IMAP and IMAPS ports are blocked leaving you still open on POP/POPS

It should be simple to drop our own override into /etc/fail2ban/jail.d/clearos-cyrus-imap.conf just by adding the line:
port = imap,imaps,pop3,pop3s

This bug also relates to [^]
TagsNo tags attached.
Attached Files

- Relationships
related to 0009551closedNickH The worng port is being blocked by the cyrus-imap and postfix-sasl jails 

- Issue History
Date Modified Username Field Change
2018-11-07 02:32 NickH New Issue
2018-11-07 03:13 NickH Description Updated View Revisions
2018-11-07 06:15 user2 Status new => confirmed
2018-11-08 11:40 user2 Category app-attack-detector - Attack Detector => app-imap - IMAP and POP Server
2018-11-08 11:48 user2 Relationship added related to 0009551
2018-11-10 09:00 marclaporte Note Added: 0008581
2019-01-15 04:05 NickH Note Added: 0008781
2019-01-15 04:05 NickH Assigned To => NickH
2019-01-15 04:05 NickH Status confirmed => assigned
2019-02-01 12:26 NickH Status assigned => resolved
2019-02-01 12:26 NickH Fixed in Version => 7.5.0 Updates
2019-02-01 12:26 NickH Resolution open => fixed
2019-05-03 02:00 NickH Status resolved => closed