Hello,
i more and more become this messages in logs:
Jul 6 20:43:56 ks3374456 dovecot: auth: Error: passwd-file(jean@proxy.silviosiefke.com,213.130.118.102): stat(/var/vmail/auth.d/proxy.silviosiefke.com/passwd) failed: No such file or directory Jul 6 21:35:32 ks3374456 dovecot: auth: Error: passwd-file(jennifer@proxy.silviosiefke.com,41.160.109.28): stat(/var/vmail/auth.d/proxy.silviosiefke.com/passwd) failed: No such file or directory Jul 6 21:35:38 ks3374456 dovecot: auth: Error: passwd-file(jennifer@proxy.silviosiefke.com,41.160.109.28): stat(/var/vmail/auth.d/proxy.silviosiefke.com/passwd) failed: No such file or directory Jul 6 21:35:44 ks3374456 dovecot: auth: Error: passwd-file(jennifer@proxy.silviosiefke.com,41.160.109.28): stat(/var/vmail/auth.d/proxy.silviosiefke.com/passwd) failed: No such file or directory Jul 6 22:27:13 ks3374456 dovecot: auth: Error: passwd-file(jack@proxy.silviosiefke.com,203.113.206.105): stat(/var/vmail/auth.d/proxy.silviosiefke.com/passwd) failed: No such file or directory Jul 6 22:27:20 ks3374456 dovecot: auth: Error: passwd-file(jack@proxy.silviosiefke.com,203.113.206.105): stat(/var/vmail/auth.d/proxy.silviosiefke.com/passwd) failed: No such file or directory Jul 6 22:27:26 ks3374456 dovecot: auth: Error: passwd-file(jack@proxy.silviosiefke.com,203.113.206.105): stat(/var/vmail/auth.d/proxy.silviosiefke.com/passwd) failed: No such file or directory Jul 6 22:36:49 ks3374456 dovecot: auth: Error: passwd-file(eric@proxy.silviosiefke.com,41.21.178.38): stat(/var/vmail/auth.d/proxy.silviosiefke.com/passwd) failed: No such file or directory
I understand not, because i have set dovecot so it launched only on my vpn ips. Give there a way to underbind this tries? I have installed fail2ban. Maybe im stupid, because this help not or i has set wrong entrys.
<dovecot> service imap-login { inet_listener imap { address = 10.8.0.1 port = 12520 }
inet_listener imaps { address = 10.8.0.1 port = 12550 } } </dovecot>
<fail2ban> [dovecot] enabled = true filter = dovecot action = iptables-multiport[name=dovecot, port="pop3,pop3s,imap,imaps,submission,465,sieve", protocol=tcp] logpath = /var/log/mail.log
[dovecot-auth] enabled = true filter = dovecot action = iptables-multiport[name=dovecot-auth, port="12520,12550,submission,465,sieve", protocol=tcp] logpath = /var/log/mail.log </fail2ban>
Thanks for help & Nice day Silvio
On 07/07/2014 14:22, Silvio Siefke wrote:
service imap-login { port = 12520
inet_listener imaps { port = 12550
<fail2ban> [dovecot] enabled = true filter = dovecot action = iptables-multiport[name=dovecot, port="pop3,pop3s,imap,imaps,submission,465,sieve", protocol=tcp] logpath = /var/log/mail.log
Silvio, one reason why fail 2 ban is not trapping those may be because: (a) in Dovecot you have defined your imap and imaps services to be ports around 125x0, whereas (b) in fail2ban you have relied on the standard imap and imaps definitions, which are 143 (I think) and 993
Might you need to enter 12520 and 12550 in your fail2ban stanza, instead of imap and imaps? Just an idea, I could be wrong; I've never set that up, myself.
You mention vpn. There may also be a second problem with your network anyway, if 12520 and 12550 are vpn ports, because external traffic should not be able to appear on those, unless a vpn entry is compromised, somewhere. (That is, assuming there is a separate vpn access control system outside of Dovecot.)
regards, Ron
Am 07.07.2014 15:22, schrieb Silvio Siefke:
Hello,
i more and more become this messages in logs:
Jul 6 20:43:56 ks3374456 dovecot: auth: Error: passwd-file(jean@proxy.silviosiefke.com,213.130.118.102): stat(/var/vmail/auth.d/proxy.silviosiefke.com/passwd) failed: No such file or directory Jul 6 21:35:32 ks3374456 dovecot: auth: Error: passwd-file(jennifer@proxy.silviosiefke.com,41.160.109.28): stat(/var/vmail/auth.d/proxy.silviosiefke.com/passwd) failed: No such file or directory Jul 6 21:35:38 ks3374456 dovecot: auth: Error: passwd-file(jennifer@proxy.silviosiefke.com,41.160.109.28): stat(/var/vmail/auth.d/proxy.silviosiefke.com/passwd) failed: No such file or directory Jul 6 21:35:44 ks3374456 dovecot: auth: Error: passwd-file(jennifer@proxy.silviosiefke.com,41.160.109.28): stat(/var/vmail/auth.d/proxy.silviosiefke.com/passwd) failed: No such file or directory Jul 6 22:27:13 ks3374456 dovecot: auth: Error: passwd-file(jack@proxy.silviosiefke.com,203.113.206.105): stat(/var/vmail/auth.d/proxy.silviosiefke.com/passwd) failed: No such file or directory Jul 6 22:27:20 ks3374456 dovecot: auth: Error: passwd-file(jack@proxy.silviosiefke.com,203.113.206.105): stat(/var/vmail/auth.d/proxy.silviosiefke.com/passwd) failed: No such file or directory Jul 6 22:27:26 ks3374456 dovecot: auth: Error: passwd-file(jack@proxy.silviosiefke.com,203.113.206.105): stat(/var/vmail/auth.d/proxy.silviosiefke.com/passwd) failed: No such file or directory Jul 6 22:36:49 ks3374456 dovecot: auth: Error: passwd-file(eric@proxy.silviosiefke.com,41.21.178.38): stat(/var/vmail/auth.d/proxy.silviosiefke.com/passwd) failed: No such file or directory
I understand not, because i have set dovecot so it launched only on my vpn ips. Give there a way to underbind this tries? I have installed fail2ban. Maybe im stupid, because this help not or i has set wrong entrys.
<dovecot> service imap-login { inet_listener imap { address = 10.8.0.1 port = 12520 }
inet_listener imaps { address = 10.8.0.1 port = 12550 } } </dovecot>
<fail2ban> [dovecot] enabled = true filter = dovecot action = iptables-multiport[name=dovecot, port="pop3,pop3s,imap,imaps,submission,465,sieve", protocol=tcp] logpath = /var/log/mail.log
[dovecot-auth] enabled = true filter = dovecot action = iptables-multiport[name=dovecot-auth, port="12520,12550,submission,465,sieve", protocol=tcp] logpath = /var/log/mail.log </fail2ban>
Thanks for help & Nice day Silvio
Seems as if you have configured Dovecot to use a file that doesn't exist. This has nothing to do with fail2ban. Let's see the output of "doveconf -n" to start with.
-- Alex JOST
participants (3)
-
Alex JOST
-
Ron Leach
-
Silvio Siefke