    From time to time kopano-gateway stops answering (IMAPS), and I end up restarting the process.

    After some checking I noticed there were a lot of connections; most of them didn’t even attempt authentication, and some kept trying to brute-force logins.

    What is the best way to protect against this? (fail2ban, firewall rules, configuration settings, …)

  • I use fail2ban with ufw for it on my Debian server

    Here you go, this is what I use.

    # /etc/fail2ban/filter.d/kopano-gateway.conf
    # Fail2Ban configuration file
    # Kopano Gateway : /var/log/kopano/gateway.log
    #
    # Purpose: fail2ban filter that flags Kopano gateway log lines reporting a
    # failed login, so that a jail referencing this filter can ban the source.
    # NOTE(review): no section headers appear in this paste. fail2ban filter
    # files normally place `before` under [INCLUDES] and the regex options under
    # [Definition]; presumably they were lost when posting - restore before use.
    before = common.conf
    # Option:  failregex
    # Notes.:  regex to match the password failures messages in the logfile. The
    #          host must be matched by a group named "host". The tag "<HOST>" can
    #          be used for standard IP/hostname matching and is only an alias for
    #          (?:::f{4,6}:)?(?P<host>[\w\-.^_]+)
    # Values:  TEXT
    #
    # Two alternatives, one per line: the client address alone, and the client
    # address followed by ":" and a 2-5 digit port.
    # Only lines containing "with invalid username" match. Connections that never
    # attempt a login write no such line and are therefore not covered by this
    # filter; they need a separate control (connection/rate limits).
    # NOTE(review): neither pattern is anchored. The rest of the log line may
    # carry client-supplied text, so anchor the patterns if the log format
    # allows it - verify against real gateway.log lines.
    failregex = Failed to login from <HOST> with invalid username
                Failed to login from <HOST>:[0-9]{2,5} with invalid username
    # No exclusions: every line matching failregex counts as a failure.
    ignoreregex =
    # journalmatch is only consulted when the jail uses the systemd backend.
    # The value selects the journal of fail2ban.service itself, not a Kopano
    # unit. With the log file named at the top, the jail needs a `logpath`
    # pointing at it instead - TODO confirm which backend is intended.
    journalmatch = _SYSTEMD_UNIT=fail2ban.service


    # /etc/fail2ban/jail.d/local-jail.conf 
    #
    # Purpose: jail that applies the kopano-gateway filter and bans through ufw.
    # NOTE(review): the jail's section header (e.g. [<jail-name>]) is not in this
    # paste; presumably lost when posting - the options below must sit under one.
    # NOTE(review): no logpath, maxretry, findtime or bantime is set here, so
    # they come from the [DEFAULT] section of the local fail2ban setup; a file
    # based jail needs logpath to point at the gateway log - verify.
    #
    # As pasted the jail is switched off; nothing is banned until this is true.
    enabled  = false
    # Service names are resolved through /etc/services; confirm that each one
    # (ssmtp and imap3 in particular) exists on the target system. The list also
    # covers the SMTP ports, which is wider than the IMAP/POP3 log being watched.
    port     = smtp,ssmtp,submission,imap2,imap3,imaps,pop3,pop3s
    # Refers to filter.d/kopano-gateway.conf.
    filter   = kopano-gateway
    # Bans are applied with the ufw action.
    # NOTE(review): confirm whether the ufw action in the installed fail2ban
    # version honours `port`; if it does not, a ban blocks all traffic from the
    # address, not only the ports listed above.
    banaction = ufw

