Correct way of implementing Fail2Ban with Zimbra 8.7+

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
Post Reply
Broco
Posts: 8
Joined: Sat Sep 13, 2014 3:37 am

Correct way of implementing Fail2Ban with Zimbra 8.7+

Post by Broco »

Hello, is there any guide out there how to correctly implement Fail2Ban with Zimbra 8.7+?
The old guides don't really fit anymore (e.g. "ip" has been replaced by "oip" in the logs). Is it recommended? We have some problems with bots trying to log in which results in Accounts being locked and those Accounts are shared accounts which nobody logs into directly so I have to manually unlock them everytime this happens (~ once a week).
Any suggestions?
vchong68
Posts: 23
Joined: Sat Apr 30, 2016 4:45 am
Location: Singapore
ZCS/ZD Version: Release 8.7.11.GA.1854.UBUNTU16.64

Correct way of implementing Fail2Ban with Zimbra 8.7+

Post by vchong68 »

Enable the sasl jail with postfix-sasl filter on mailbox.log should be fine. My zimbra jail has rarely catched anything.


Sent from my iPad using Tapatalk
tkriviradev
Posts: 3
Joined: Wed Dec 07, 2016 1:34 pm

Re: Correct way of implementing Fail2Ban with Zimbra 8.7+

Post by tkriviradev »

This is one of the good guides.

OF course you can always do more than this and you can always customize your solution.

However here is one of the good guides.

http://linux-sys-adm.com/how-to-configu ... p-by-step/
Labsy
Outstanding Member
Outstanding Member
Posts: 411
Joined: Sat Sep 13, 2014 12:52 am

Re: Correct way of implementing Fail2Ban with Zimbra 8.7+

Post by Labsy »

tkriviradev wrote:This is one of the good guides.

OF course you can always do more than this and you can always customize your solution.

However here is one of the good guides.

http://linux-sys-adm.com/how-to-configu ... p-by-step/
The code there is messed up due to web site posting restrictions - some parts with single or double quotes are missing, rendering code useless, unfortunatelly.
Post Reply