Cyrus imap and identity theft

Merlin Hartley merlin at mrc-mbu.cam.ac.uk
Tue Feb 26 09:35:48 EST 2019 

fail2ban can do anything you want - including what you describe - you just have tell it what to look for in the logs!


--
Merlin Hartley
Computer Officer
MRC Mitochondrial Biology Unit
University of Cambridge
Cambridge, CB2 0XY
United Kingdom

> On 26 Feb 2019, at 14:20, Stephane Branchoux <stephane.branchoux at univ-perp.fr> wrote:
> 
> Hello,
> 
> Thanks for the link to ipset-balcklist, i will try it.
> 
> fail2ban is not interesting for me because with phishing, connexions are succeded !
> 
> I would like to detect and block succeed  connections when a user connects from multiple
> 
> countries the same day.
> 
> Thanks
> 
> Le 26/02/2019 à 12:00, Neil Price a écrit :
>> 
>> On 22/02/2019 08:41 PM, Stéphane Branchoux wrote:
>>> 
>>> Each week , few users respond to phishing mails.
>>> I use rules on firewalls, DNS filters, training program for users , anti spam products , anti virus ….
>>> 
>>> I am looking for a way or tools to reduce identity theft on my Cyrus imap server.
>>> For example , scripts to geo localise ip requests , detect and reject bad connexions  ?
>>> Is it possible to authorize few devices for a user and reject other devices  ?
>>> 
>>> Which tools do you use on your Cyrus imap servers to protect them ?
>>> 
>>> 
>> 
>> fail2ban and fail2ban-repeater https://stuffphilwrites.com/2013/03/permanently-ban-repeat-offenders-fail2ban/
>> ipset-blacklist https://github.com/trick77/ipset-blacklist (great for banning whole countries)
>> password policies
>> 
>> Plus the usual: SPF, clam, spamassassin, greylisting, etc
>> Spam check outgoing mail too.
>> ----
>> Cyrus Home Page: http://www.cyrusimap.org/
>> List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
>> To Unsubscribe:
>> https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
> 
> -- 
> Stephane BRANCHOUX
> Centre de Ressources Informatiques de l'Université de Perpignan.
> Systèmes/Réseaux - RSSI
> mailto:stephane.branchoux at univ-perp.fr
> 04 68 66 21 24 / 07 60 73 38 42
> 
> 
> ----
> Cyrus Home Page: http://www.cyrusimap.org/
> List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
> To Unsubscribe:
> https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20190226/d4c004bc/attachment-0001.html>

More information about the Info-cyrus mailing list