On Sun, 2018-06-03 at 13:52 -0300, Henrique Fagundes wrote:
> Dear Colleagues,
>
> Good afternoon!
>
> I begin by apologizing for the fact that this text is difficult to
> interpret because I am Brazilian and I do not have many English language
> skills.
>
> I'm having a hard time using Fail2Ban along with MailMan mailing list
> management software.
>
> My idea is that when the attacker / attacker incorrectly enters the
> password of the login field in the web interface, it is blocked. But for
> this to work, it is necessary for MailMan to report unsuccessful login
> attempts in its log.
>
> I have already checked to see if there is a plugin or extension (just
> like it exists for Wordpress and PHPMyAdmin), but it seems like there is
> nothing developed for this.
>
> So I would like to know if anyone has ever had the need to do this
> implementation, so I can have some way.
>
> If anyone can help me, I will be very grateful.

Hello,

I use the attached patch for Mailman/Utils.py to log the listname and remoteIP to the mischief log.

Mark, if you think this should be in the regular release let me know and I'll submit a merge request.

-Jim P.

=== modified file 'Mailman/Utils.py' --- Mailman/Utils.py 2015-09-17 17:11:08 +0000 +++ Mailman/Utils.py 2015-10-20 13:36:09 +0000 @@ -104,7 +104,11 @@ # But first ensure the list name doesn't contain a path traversal # attack. if len(re.sub(mm_cfg.ACCEPTABLE_LISTNAME_CHARACTERS, '', listname)) > 0: - syslog('mischief', 'Hostile listname: %s', listname) + remote = os.environ.get('HTTP_FORWARDED_FOR', + os.environ.get('HTTP_X_FORWARDED_FOR', + os.environ.get('REMOTE_ADDR', + 'unidentified origin'))) + syslog('mischief', 'Hostile listname: listname=%s remote=%s', listname, remote) return False basepath = Site.get_listpath(listname) for ext in ('.pck', '.pck.last', '.db', '.db.last'):
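
Review bot: In the added `remote = os.environ.get('HTTP_FORWARDED_FOR', ...` lookup, the two forwarded-header variables are consulted before REMOTE_ADDR, but both come from request headers the client can set, so the address written to the mischief log can be chosen by the requester unless a trusted proxy always overwrites them. If Fail2Ban is going to ban on this field, log REMOTE_ADDR as its own field and the forwarded value separately, or honour the header only when REMOTE_ADDR is a known proxy; X-Forwarded-For may also carry a comma-separated list rather than a single address. The listname is untrusted as well and is written with %s ahead of `remote=`, so formatting it with %r would keep embedded spaces or newlines from confusing whatever parses the log.
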
------------------------------------------------------
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
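
For anyone consuming the patched mischief log from a script before handing addresses to a ban tool, here is an added example (not part of the original message or of Mailman) that extracts the `remote=` field and counts only values that parse as a single IP address. The function names and the timestamp/pid prefix on the sample lines are assumptions; only the `Hostile listname: listname=... remote=...` message format comes from the patch.

```python
import ipaddress
import re
from collections import Counter

# Message format from the patch. listname is untrusted and may itself contain
# " remote=", so the greedy first group makes the LAST " remote=" the real field.
LINE_RE = re.compile(
    r"Hostile listname: listname=(?P<listname>.*) remote=(?P<remote>.*)$"
)


def parse_remote(line):
    """Return the logged remote as a string IP, or None if it is not one address."""
    m = LINE_RE.search(line.rstrip("\n"))
    if m is None:
        return None
    try:
        # Rejects 'unidentified origin', comma-separated forwarded lists, junk.
        return str(ipaddress.ip_address(m.group("remote").strip()))
    except ValueError:
        return None


def count_offenders(lines):
    """Count hostile-listname entries per validated remote address."""
    counts = Counter()
    for line in lines:
        ip = parse_remote(line)
        if ip is not None:
            counts[ip] += 1
    return counts


# Constructed sample log lines (documentation address ranges; prefix is assumed).
SAMPLE = [
    "Jun 03 13:52:01 2018 (1234) Hostile listname: listname=../../etc remote=203.0.113.7",
    "Jun 03 13:52:02 2018 (1234) Hostile listname: listname=a/b remote=203.0.113.7",
    "Jun 03 13:52:03 2018 (1234) Hostile listname: listname=x remote=10.0.0.1 remote=198.51.100.9",
    "Jun 03 13:52:04 2018 (1234) Hostile listname: listname=y remote=unidentified origin",
    "Jun 03 13:52:05 2018 (1234) Hostile listname: listname=z remote=198.51.100.9, 192.0.2.1",
    "Jun 03 13:52:06 2018 (1234) Some other mischief entry",
]

if __name__ == "__main__":
    for ip, n in count_offenders(SAMPLE).most_common():
        print(ip, n)
```

Validation here only confirms the field is a well-formed address; it says nothing about whether the address came from REMOTE_ADDR or from a forwarded header.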