On Thu, 18 Jan 2007 08:44:13 +0200 Wladimir Mutel <[email protected]> wrote: > Package: fail2ban > Version: 0.7.6-1 > Severity: normal > > > Hi, > > It seems that courierlogin filter is just turned off in default > fail2ban configuration. Recently I have been scanned by pop3 > protocol, someone tried to guess logins/passwords for my > mailbox, fortunately without success, but fail2ban did nothing > to filter it. > > I think it should filter that attacker's IP by ports > 25,110,143,993,995, and 465. And that reference to courierlogin > filter should be included in default fail2ban config. > > Thank you in advance for your work. > > -- System Information: > Debian Release: 4.0 > APT prefers unstable > APT policy: (500, 'unstable'), (500, 'stable') > Architecture: i386 (i686) > Shell: /bin/sh linked to /bin/bash > Kernel: Linux 2.6.18-3-k7 > Locale: LANG=uk_UA.UTF-8, LC_CTYPE=uk_UA.UTF-8 (charmap=UTF-8) > > Versions of packages fail2ban depends on: > ii iptables 1.3.6.0debian1-5 administration tools for packet fi > ii lsb-base 3.1-22 Linux Standard Base 3.1 init scrip > ii python 2.4.4-2 An interactive high-level object-o > ii python-central 0.5.12 register and build utility for Pyt > > fail2ban recommends no packages. > > -- debconf-show failed > > NĂ³
