[Users] Having some `brute` force log-in attempts on Zimbra
L. Mark Stone
lmark.stone at reliablenetworks.com
Mon Nov 27 15:09:59 CET 2017
Yes, a community-vetted fail2ban setup for Zimbra would be a wonderful addition!
___________________________________________________________
A Message From... L. Mark Stone, General Manager
"Uptime. All the time." ® www.reliablenetworks.com
Fifteen Years In Business! 2003 - 2017!
477 Congress Street, Suite 812 | Portland, ME 04101 | ( 207) 772-5678
Citrix XenApp/XenDesktop Hosting | SOC 2 Type II Audit
Zimbra Groupware | Mission-Critical Cl oud Hosting
This email may contain information that is privileged and confidential.
If you suspect that you were not intended to receive it, please delete
it and notify us as soon as possible. Thank you.
> From: "Barry de Graaff" <info at barrydegraaff.tk>
> To: "andreas wolske" <andreas.wolske at managedhosting.de>
> Cc: users at lists.zetalliance.org
> Sent: Monday, November 27, 2017 8:45:21 AM
> Subject: Re: [Users] Having some `brute` force log-in attempts on Zimbra
> Yes please, and can I put them on
> https://github.com/Zimbra-Community/zimbra-tools ?
> Kind regards,
> Barry de Graaff
> Zeta Alliance
> Co-founder & Developer
> zetalliance.org | github.com/Zimbra-Community
> +31 617 220 227
> Fingerprint: 97f4694a1d9aedad012533db725ddd156d36a2d0
> ----- Original Message -----
> From: "Andreas Wolske" <andreas.wolske at managedhosting.de>
> To: users at lists.zetalliance.org
> Sent: Monday, November 27, 2017 2:23:52 PM
> Subject: Re: [Users] Having some `brute` force log-in attempts on Zimbra
> Hi Barry,
> Am 27.11.2017 um 14:07 schrieb Barry de Graaff:
> > Hello Folks,
> > I am seeing some subtle brute force log-in attempts on the Alliance mailserver.
>> Every hour or so, someone from different locations in Brazil is trying to log
> > onto
>> our server. And it does not seem to be a normal user with a wrong password or
> > so.
> > What do you guys use to mitigate these? Should I add some fail2ban?
> We use composite DROP (Don't route or peer) Lists for iptables and
> a customized fail2ban setup tailored to meet zimbra logfile
> configurations.
> I could provide both configurations as an example.
> BR
> --
> Andreas Wolske
> Geschäftsführer
> ------------ managedhosting.de - Enterprise Cloud Services ------------
> VMware Hybrid Cloud Powered Service Provider
> Red Hat Certified Cloud & Service Provider
> Zimbra Gold Partner
> FileCloud Certified Partner
> veeam Cloud Provider
> p +49 30 202364910
> f +49 30 202364919
> m +49 151 21258008
> @ andreas.wolske at managedhosting.de
> w https://www.managedhosting.de
> Pflichtangaben nach §35a GmbHG: https://www.managedhosting.de/legal
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zetalliance.org/pipermail/users_lists.zetalliance.org/attachments/20171127/89dd858c/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: RelNet_Logo_300x60.png
Type: image/png
Size: 11090 bytes
Desc: not available
URL: <http://lists.zetalliance.org/pipermail/users_lists.zetalliance.org/attachments/20171127/89dd858c/attachment.png>
More information about the Users
mailing list