thank to jraby, the sogo.log can now be used for fail2ban, even in the proxy
setup. This has been implemented in the feature request
2229(http://www.sogo.nu/bugs/view.php?id=2229). Fail2ban allows to ban IPs of
users who persistently (in the example 5 times) fail to login in a certain
time. The ban can be temporary or permanent and an admin can be configured to
be informed by mail.
The ban is done via IP tables. Setup-time ~ 10 min.
Slightly off topic, but an alternative to fail2ban is, I believe,
password policy overlay for ldap (if using ldap for auth). I allows a
limit on max login attempts within a set time period among other
features This sas the advantage of locking the account at the source so
it works on sogo, imap, smtp tls, etc, etc. That said, I've never gotten
it to work as the configuration instructions are for the old style of
slapd config, not the do 'all configuration as an ldif entry'. Since I
think many people on the list are using ldap for authentication, has
anyone gotten ldap password policy overlay to work? Thoughts about it?
Recommend any installation guides? (Debian squeeze / slapd 2.4.23)
Thanks,
Ben
--
[email protected]
https://inverse.ca/sogo/lists
