Fail2ban integration/compatibility for SASL Auth #49
Comments
|
This should be relatively easy to just add to the container, since were using dovecot anyway: https://wiki.dovecot.org/HowTo/Fail2Ban Also, since the "container local" port is always 587, we can configure Fail2Ban inside the container very easily. Remapping the port outside of the container won't have any effect, so a 'hardcoded' port is fine, I think. Should we go this route? Or make the log available outside the container via volumes and let the "user" add it to their existing Fail2Ban config? |
|
I have to admit, I haven't used Fail2ban myself, so I don't know what setup would be better. Probably easier to use if it's all integrated. But if it's not hard to also distribute a configured Fail2Ban sidecar, that would also be nice and could be reused in multiple containers. |
I don't exactly know whats needed, but it would be great to have the SASL Auth log be easy to parse with Fail2Ban to allow for a sidecar container or direct integration of Fail2Ban. This would make it easier to not act as a Bruteforce relay to the zimbraweb interface.
The text was updated successfully, but these errors were encountered: