1 Topic by pepito_palotes2000

  • pepito_palotes2000
  • Member
  • Offline
  • Registered: 2015-01-14
  • Posts: 6

Topic: How to setup fail2ban to work with SOGo

==== Required information ====
- iRedMail version: 0.8.7
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Linux/BSD distribution name and version: CentOS release 6.6 (Final)
- Related log if you're reporting an issue:
- Fail2ban: fail2ban-0.8.14-1.el6.noarch
- SOGo: sogo-2.2.15-1.centos6.x86_64 and sogo-activesync-2.2.15-1.centos6.x86_64
====

Hi,

I would like to share to the community how to setup fail2ban to work with SOGo.
This will improve server security blocking too many failed login attempts.

You must only add this in /etc/fail2ban/jail.local :
[SOGo]
enabled     = true
filter      = sogo-auth
port        = http, https
# without proxy this would be:
# port    = 20000
action      = iptables-multiport[name=SOGo, port="http,https", protocol=tcp]
logpath     = /var/log/sogo/sogo.log

Best regards

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,788

Re: How to setup fail2ban to work with SOGo

Thanks for sharing. I will enable this filter in next release of iRedMail by default. smile

== UPDATE ==

Implemented in iRedMail development version.