We've been running a very low-traffic Zimbra test installation over our ADSL connection for over a year now with no problems. But I suddenly realised, I don't have fail2ban running on this Zimbra machine to filter any brute-force login attempts made to the Zimbra services.
What sort of security should we be implementing on an internet-facing Zimbra machine?
Has anyone got fail2ban running on a Zimbra installation?
Normally it's very easy to get up and running but with Zimbra the logging formats or locations are very different to that of standard packages that already have fail2ban jail configurations out there.
Does Zimbra have anything like this built-in?
Is there any other security software we should look at installing on our Zimbra machine? I was told that keeping it as "pure" as possible would be the best way forward.