Chris Hilts grabbed a keyboard and wrote:
>
> casfre@xxxxxxxxx wrote:
>
> > I already have fail2ban running to protect a ssh server. Until
> > now ( just 1 day ), it is running ok.
>
> > I will use your rules to protect squirrelmail too. :-) I
> > already use squirrel_logger. :-)
>
> I would recommend using fail2ban to protect the underlying SMTP and
> IMAP services rather than SquirrelMail, as it is just a client for
> those services. You want to protect the services themselves. YMMV,
> of course.
Fail2ban should be used to protect those services as well. However, if
someone manages to get logged in to the Squirrelmail interface, they'll
have all the access that they *want* to the underlying SMTP & IMAP
services. Protecting the interface from a brute-force login attack
shouldn't be ignored, and fail2ban can help with that.
--Dave
Attachment:
signature.asc
Description: PGP signature
------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
----- squirrelmail-users mailing list Posting guidelines: http://squirrelmail.org/postingguidelines List address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx List archives: http://news.gmane.org/gmane.mail.squirrelmail.user List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
