Discussion:
CentOS + Kolab + Fail2Ban + IMAP
ladas
2018-05-07 08:23:21 UTC
Permalink
Good morning to everyone in user list.

Has someone any experience how to detect bad login IP address at IMAP
protocol? At maillog I can see only 127.0.0.1 IP address, at guam logs
is nothing :( At windows I can use Outlook with ActiveSync where source
IP is logged but at linux with Evolution or Kontact client I can use
just IMAP protocol. Unfortunately I did not find "attacker" source IP
address + imap bad login notice at any log :(
Thank you for any ideas.

Greetings,
ladas
Mihai Badici
2018-05-07 08:39:56 UTC
Permalink
This should be in apache's log or better in roundcube if failed logins
are logged but probably you will need to adjust the filters
Post by ladas
Good morning to everyone in user list.
Has someone any experience how to detect bad login IP address at IMAP
protocol? At maillog I can see only 127.0.0.1 IP address, at guam logs
is nothing :( At windows I can use Outlook with ActiveSync where
source IP is logged but at linux with Evolution or Kontact client I
can use just IMAP protocol. Unfortunately I did not find "attacker"
source IP address + imap bad login notice at any log :(
Thank you for any ideas.
Greetings,
ladas
_______________________________________________
users mailing list
https://lists.kolab.org/mailman/listinfo/users
Loading...