Search found 30 matches
- Fri Apr 22, 2016 10:25 am
- Forum: Administrators
- Topic: Brute force attack & SPAM configuration
- Replies: 20
- Views: 20280
Re: Brute force attack
I'm using file2ban, I want to underline that the ip address of the client who made the login attemps is not correct (it's my server public ip) and this is a problem. Please explain what do you mean when you write it is an attack aginst postfix, i see port 7071 into the log. How can I understand if ...
- Fri Apr 22, 2016 10:20 am
- Forum: Italian
- Topic: DSPAM O SpammAssasin?
- Replies: 0
- Views: 16825
DSPAM O SpammAssasin?
Ragazzi, sono nuovo di zimbra, mi trovo a gestire un gruppo di server con configurazioni simili, ma diverse. C'erano molti problemi che gradualmente sto affrontando e risolvendo, ma mi restano dei dubbi: Zimbra di base per combattere lo SPAM usa DSPAM o SpamAssisin o entrambi? Io ho notato che sui s...
- Fri Apr 22, 2016 10:13 am
- Forum: Italian
- Topic: msaccess 2010 vs zimbra posta inviata
- Replies: 4
- Views: 21249
Re: msaccess 2010 vs zimbra posta inviata
Ma qui non siamo nella sezione internazionale/Italia? :P Ora si, il thread era stato aperto nella sezione Developers e poi spostato qui dopo la mia risposta :) Bene, allora vediamo di tenere attiva questa sezione :) Io da niubbo perfetto ora sono niubbo meno un quarto per quanto concerne Zimbra ma ...
- Wed Apr 20, 2016 9:05 am
- Forum: Administrators
- Topic: Brute force attack & SPAM configuration
- Replies: 20
- Views: 20280
Re: Brute force attack
You should block the acces to the admin console port (specified by zimbraAdminBindAddress - default 7071) to permit access from only trusted networks. You can change the firewall rules on your security gateway or you can use a firewall on your mail server(s) (ex. iptables on linux boxes) Access to ...
- Mon Apr 18, 2016 1:22 pm
- Forum: Administrators
- Topic: Brute force attack & SPAM configuration
- Replies: 20
- Views: 20280
Re: Brute force attack
Hi :) Hello. You should check postfix's log files (usually /var/log/mail) Thank you, I don't have var/log/mail I've /var/log/maillog. I use the standard zimbra log /opt/zimbra/audit.log mailbox.log and /var/log/zimbra.log my fail2ban jail indicate for postfix: [postfix] enabled = true filter = postf...
- Mon Apr 18, 2016 7:35 am
- Forum: Administrators
- Topic: Brute force attack & SPAM configuration
- Replies: 20
- Views: 20280
Re: Brute force attack
I'm using file2ban, I want to underline that the ip address of the client who made the login attemps is not correct (it's my server public ip) and this is a problem. Please explain what do you mean when you write it is an attack aginst postfix, i see port 7071 into the log. How can I understand if ...
- Sun Apr 17, 2016 9:36 am
- Forum: Italian
- Topic: msaccess 2010 vs zimbra posta inviata
- Replies: 4
- Views: 21249
Re: msaccess 2010 vs zimbra posta inviata
Ma qui non siamo nella sezione internazionale/Italia?
- Sun Apr 17, 2016 9:32 am
- Forum: Administrators
- Topic: Brute force attack & SPAM configuration
- Replies: 20
- Views: 20280
Re: Brute force attack
I'm using file2ban, I want to underline that the ip address of the client who made the login attemps is not correct (it's my server public ip) and this is a problem. Please explain what do you mean when you write it is an attack aginst postfix, i see port 7071 into the log. How can I understand if m...
- Fri Apr 15, 2016 3:41 pm
- Forum: Administrators
- Topic: How to prevent hacker multiple login attempt?
- Replies: 3
- Views: 3426
Re: How to prevent hacker multiple login attempt?
Well I'm testing fail2ban, it's a solution at this problem (ban the ip who generate bad login too often) but I have a problem due to the zimbra log process. I hope it work for you. a reference http://linux-sys-adm.com/how-to-configure-firewall-and-fail2ban-for-prevent-brute-force-attack-zimbra-8.6-o...
- Fri Apr 15, 2016 3:31 pm
- Forum: Administrators
- Topic: Brute force attack & SPAM configuration
- Replies: 20
- Views: 20280
Brute force attack & SPAM configuration
Hi, I'm new to Zimbra but I had to manage a group of server using: Release 8.6.0_GA_1153.RHEL6_64_20141215151155 RHEL6_64 FOSS edition. and Release 8.0.5_GA_5839.RHEL6_64_20130910123908 RHEL6_64 FOSS edition. I'm in trouble understandig the actual zimbra configuration (I found the server screaming u...