<html><body><div style="font-family: arial, helvetica, sans-serif; font-size: 12pt; color: #000000"><div>Yes, a community-vetted fail2ban setup for Zimbra would be a wonderful addition!</div><div><br></div><div data-marker="__SIG_PRE__"><div>___________________________________________________________</div><div><strong>A Message From... L. Mark Stone, General Manager</strong></div><div><strong></strong><br></div><div><img src="cid:d598b4953bcfa8ddf5c95beea01a6940cdd60260@zimbra" data-mce-src="https://zmail.otelcotel.com/home/mark.stone@reliablenetworks.com/Briefcase/RelNet_Logo_300x60.png" doc="Briefcase/RelNet_Logo_300x60.png"></div><div><div><span size="2" style="font-size: small;" data-mce-style="font-size: small;"><em>"Uptime. All the time." </em><span size="3" style="font-size: medium;" data-mce-style="font-size: medium;">® <span color="#999999" size="2" style="color: #999999; font-size: small;" data-mce-style="color: #999999; font-size: small;"><a href="http://www.reliablenetworks.com" data-mce-href="http://www.reliablenetworks.com">www.reliablenetworks.com</a></span></span></span></div><p style="margin: 0px;" data-mce-style="margin: 0px;"><i style="color: rgb(255, 102, 0); background-color: rgb(255, 255, 255); font-size: small; text-decoration: underline;" data-mce-style="color: #ff6600; background-color: #ffffff; font-size: small; text-decoration: underline;"></i><br></p><p style="margin: 0px;" data-mce-style="margin: 0px;"><i style="color: #ff6600; background-color: #ffffff; font-size: small; text-decoration: underline;" data-mce-style="color: #ff6600; background-color: #ffffff; font-size: small; text-decoration: underline;">Fifteen Years In Business! 2003 - 2017!</i></p><p style="margin: 0px;" data-mce-style="margin: 0px;"><span size="2" style="font-size: small;" data-mce-style="font-size: small;"><br></span><span size="2" style="color: #333333; font-size: small;" data-mce-style="color: #333333; font-size: small;"><span size="2" style="font-size: small;" data-mce-style="font-size: small;">477 Congress Street, Suite 812</span> | Portland, ME 04101 | (<a onclick="window.top.Com_Zimbra_Phone.unsetOnbeforeunload()" href="callto:+1207%29%20772-5678" data-mce-href="callto:+1207%29%20772-5678">207) 772-5678</a></span></p><div><span size="2" style="font-size: small;" data-mce-style="font-size: small;"> </span></div><div><span size="2" style="font-size: small;" data-mce-style="font-size: small;"><span size="2" style="font-size: small;" data-mce-style="font-size: small;"><span color="#ff6600" style="color: #ff6600;" data-mce-style="color: #ff6600;">Citrix XenApp/XenDesktop Hosting</span> | <span color="#ff6600" style="color: #ff6600;" data-mce-style="color: #ff6600;">SOC 2 Type II Audit </span><br><span color="#ff6600" style="color: #ff6600;" data-mce-style="color: #ff6600;"><i>Zimbra</i></span><span color="#ff6600" style="color: #ff6600;" data-mce-style="color: #ff6600;"> Groupware</span> | <span color="#ff6600" style="color: #ff6600;" data-mce-style="color: #ff6600;">Mission-Critical Cl</span><span color="#ff6600" style="color: #ff6600;" data-mce-style="color: #ff6600;">oud Hosting </span><br></span></span></div><div><br></div><div><span size="2" style="font-size: small;" data-mce-style="font-size: small;">This email may contain information that is privileged and confidential.<br>If you suspect that you were not intended to receive it, please delete<br>it and notify us as soon as possible. Thank you.</span></div></div></div><br><hr id="zwchr" data-marker="__DIVIDER__"><div data-marker="__HEADERS__"><blockquote style="border-left:2px solid #1010FF;margin-left:5px;padding-left:5px;color:#000;font-weight:normal;font-style:normal;text-decoration:none;font-family:Helvetica,Arial,sans-serif;font-size:12pt;"><b>From: </b>"Barry de Graaff" <info@barrydegraaff.tk><br><b>To: </b>"andreas wolske" <andreas.wolske@managedhosting.de><br><b>Cc: </b>users@lists.zetalliance.org<br><b>Sent: </b>Monday, November 27, 2017 8:45:21 AM<br><b>Subject: </b>Re: [Users] Having some `brute` force log-in attempts on Zimbra<br></blockquote></div><div data-marker="__QUOTED_TEXT__"><blockquote style="border-left:2px solid #1010FF;margin-left:5px;padding-left:5px;color:#000;font-weight:normal;font-style:normal;text-decoration:none;font-family:Helvetica,Arial,sans-serif;font-size:12pt;">Yes please, and can I put them on <br>https://github.com/Zimbra-Community/zimbra-tools ?<br><br>Kind regards, <br><br>Barry de Graaff<br>Zeta Alliance <br>Co-founder & Developer<br>zetalliance.org | github.com/Zimbra-Community<br><br>+31 617 220 227<br>Fingerprint: 97f4694a1d9aedad012533db725ddd156d36a2d0<br><br>----- Original Message -----<br>From: "Andreas Wolske" <andreas.wolske@managedhosting.de><br>To: users@lists.zetalliance.org<br>Sent: Monday, November 27, 2017 2:23:52 PM<br>Subject: Re: [Users] Having some `brute` force log-in attempts on Zimbra<br><br>Hi Barry,<br><br>Am 27.11.2017 um 14:07 schrieb Barry de Graaff:<br>> Hello Folks,<br>> <br>> I am seeing some subtle brute force log-in attempts on the Alliance mailserver.<br>> <br>> Every hour or so, someone from different locations in Brazil is trying to log onto<br>> our server. And it does not seem to be a normal user with a wrong password or so.<br>> <br>> What do you guys use to mitigate these? Should I add some fail2ban?<br><br>We use composite DROP (Don't route or peer) Lists for iptables and<br>a customized fail2ban setup tailored to meet zimbra logfile<br>configurations.<br><br>I could provide both configurations as an example.<br><br>BR<br><br>-- <br><br>Andreas Wolske<br>Geschäftsführer<br><br>------------ managedhosting.de - Enterprise Cloud Services ------------<br><br>VMware Hybrid Cloud Powered Service Provider<br>Red Hat Certified Cloud & Service Provider<br>Zimbra Gold Partner<br>FileCloud Certified Partner<br>veeam Cloud Provider<br><br>p +49 30 202364910<br>f +49 30 202364919<br>m +49 151 21258008<br><br>@ andreas.wolske@managedhosting.de<br>w https://www.managedhosting.de<br><br>Pflichtangaben nach §35a GmbHG: https://www.managedhosting.de/legal<br></blockquote></div></div></body></html>