Cyrus imap and identity theft
Stephane Branchoux
stephane.branchoux at univ-perp.fr
Tue Feb 26 09:20:40 EST 2019
Hello,
Thanks for the link to ipset-balcklist, i will try it.
fail2ban is not interesting for me because with phishing, connexions are
succeded !
I would like to detect and block succeed connections when a user
connects from multiple
countries the same day.
Thanks
Le 26/02/2019 à 12:00, Neil Price a écrit :
>
> On 22/02/2019 08:41 PM, Stéphane Branchoux wrote:
>>
>> Each week , few users respond to phishing mails.
>> I use rules on firewalls, DNS filters, training program for users ,
>> anti spam products , anti virus ….
>>
>> I am looking for a way or tools to reduce identity theft on my Cyrus
>> imap server.
>> For example , scripts to geo localise ip requests , detect and reject
>> bad connexions ?
>> Is it possible to authorize few devices for a user and reject other
>> devices ?
>>
>> Which tools do you use on your Cyrus imap servers to protect them ?
>>
>>
>
> fail2ban and fail2ban-repeater
> https://stuffphilwrites.com/2013/03/permanently-ban-repeat-offenders-fail2ban/
> ipset-blacklist https://github.com/trick77/ipset-blacklist (great for
> banning whole countries)
> password policies
>
> Plus the usual: SPF, clam, spamassassin, greylisting, etc
> Spam check outgoing mail too.
> ----
> Cyrus Home Page: http://www.cyrusimap.org/
> List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
> To Unsubscribe:
> https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
--
Stephane BRANCHOUX
Centre de Ressources Informatiques de l'Université de Perpignan.
Systèmes/Réseaux - RSSI
mailto:stephane.branchoux at univ-perp.fr
04 68 66 21 24 / 07 60 73 38 42
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3662 bytes
Desc: Signature cryptographique S/MIME
URL: <http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20190226/15eec5b1/attachment.p7s>
More information about the Info-cyrus
mailing list