Benoit Tellier created JAMES-3897:
-------------------------------------
Summary: IP filtering with CrowdSec
Key: JAMES-3897
URL: https://issues.apache.org/jira/browse/JAMES-3897
Project: James Server
Issue Type: Sub-task
Reporter: Benoit Tellier
Thanks to recommandation from a collegue Xavier GUIMARD, I discovered CrowdSec
( https://www.crowdsec.net/ ).
CrowdSec is a free, modern & collaborative behavior detection engine, coupled
with a global IP reputation network, based on IA behaviour refinement.
Develop a third-party plugin for questionning crowdSec:
- Create a SMTP EHLO hook questionning via a REST call the CrowdSec local agent
- Create a mailet questionning via a REST call the CrowdSec local agent
- Create a mailet to provision local CrowdSec database (for highest level of
spam for instance)
- Think about the interfaces we would need to question CrowdSec upon incoming
IMAP connections
- Externalize behaviour linked to failed login attempts (sleep, 3 failure
connection closure) as configurable extensible plugins.
- Use it to manage IP reporting to crowdSec, especially upon failed
authentications (~fail2ban).
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
