Hi guys,
I’m having a multi-server Zimbra environment as follow: 1 LDAP + 2 MTA + 2 MAILBOX + 1 PROXY.
I’m setting Fail2Ban on Zimbra 8.8 with Centos 7 to prevent the brute force attacks.
I’m following this article http://linux-sys-adm.com/how-to-configu ... p-by-step/. But, I am seeing that this post only working for a single server environment. Let me explain to you.
These logs are stored at Mailbox Server.
[zimbra-account]
enabled = true
filter = zimbra
action = iptables-allports[name=Zimbra-account]
sendmail[name=Zimbra-account, dest=mslavov@linux-sys-adm.com]
logpath = /opt/zimbra/log/mailbox.log
bantime = -1
maxretry = 4
[zimbra-audit]
enabled = true
filter = zimbra
action = iptables-allports[name=Zimbra-audit]
sendmail[name=Zimbra-audit, dest=mslavov@linux-sys-adm.com]
logpath = /opt/zimbra/log/audit.log
bantime = -1
maxretry = 2
This log is being stored at MTA Server.
[postfix]
enabled = true
filter = postfix
action = iptables-multiport[name=Postfix, port=smtp, protocol=tcp]
sendmail-buffered[name=Postfix, dest=mslavov@linux-sys-adm.com]
logpath = /var/log/maillog
bantime = -1
maxretry = 5
So, can I ask you the question?
Can you please let me know where is being installed Fail2Ban? MTA or Mailbox or both on 2 servers? I have read every article on setting up Fail2Ban and they are all different.
Can you please share for me these Fail2Ban configuration files as ( /etc/fail2ban/jail.conf, /etc/fail2ban/filter.d/zimbra.conf, and /etc/fail2ban/action.d/iptables-allports.conf) are working on multi server environment?
- Zimbra Collaboration 8.6 Patch 9 now available (includes fix for CVE-2017-8802). Read the announcement.
- Zimbra Collaboration 8.8.7 + Zimbra Connector for Outlook 8.8.7 are available.. Read the announcement.
- Are you a Zimbra Developer? You can find some interesting stuff in our Official GitHub: https://github.com/Zimbra and check the Community Projects too: https://github.com/Zimbra-Community/
Fail2Ban on Zimbra 8.8 with Centos 7
-
- Posts: 4
- Joined: Mon Apr 09, 2018 2:06 am
- Location: Vietnam
Who is online
Users browsing this forum: No registered users and 30 guests