Re: Cyrus imap and identity theft

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

fail2ban can do anything you want - including what you describe - you just have tell it what to look for in the logs!


--
Merlin Hartley
Computer Officer
MRC Mitochondrial Biology Unit
University of Cambridge
Cambridge, CB2 0XY
United Kingdom

On 26 Feb 2019, at 14:20, Stephane Branchoux <stephane.branchoux@xxxxxxxxxxxx> wrote:

Hello,

Thanks for the link to ipset-balcklist, i will try it.

fail2ban is not interesting for me because with phishing, connexions are succeded !

I would like to detect and block succeed  connections when a user connects from multiple

countries the same day.

Thanks

Le 26/02/2019 à 12:00, Neil Price a écrit :

On 22/02/2019 08:41 PM, Stéphane Branchoux wrote:

Each week , few users respond to phishing mails.
I use rules on firewalls, DNS filters, training program for users , anti spam products , anti virus ….

I am looking for a way or tools to reduce identity theft on my Cyrus imap server.
For example , scripts to geo localise ip requests , detect and reject bad connexions  ?
Is it possible to authorize few devices for a user and reject other devices  ?

Which tools do you use on your Cyrus imap servers to protect them ?



fail2ban and fail2ban-repeater https://stuffphilwrites.com/2013/03/permanently-ban-repeat-offenders-fail2ban/
ipset-blacklist https://github.com/trick77/ipset-blacklist (great for banning whole countries)
password policies

Plus the usual: SPF, clam, spamassassin, greylisting, etc
Spam check outgoing mail too.
----
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

--
Stephane BRANCHOUX
Centre de Ressources Informatiques de l'Université de Perpignan.
Systèmes/Réseaux - RSSI
mailto:stephane.branchoux@xxxxxxxxxxxx
04 68 66 21 24 / 07 60 73 38 42


----
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

----
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
[Index of Archives]     [Cyrus SASL]     [Squirrel Mail]     [Asterisk PBX]     [Video For Linux]     [Photo]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux