Der Perfekt Server - Debian Squeeze (Debian 6.0) mit BIND und Courier [ISPConfig 3] - Seite 5

16 Installieren von fail2ban Um Fail2ban zu Installieren brauchen wir nur folgendes Kommando:

apt-get install fail2ban
Damit fail2ban ebenfalls PureFTPd, SASL und Courier überwacht erstellen wir eine neue Datei /etc/fail2ban/jail.local:

vi /etc/fail2ban/jail.local
[pureftpd]
enabled = true port = ftp filter = pureftpd logpath = /var/log/syslog maxretry = 3 [sasl] enabled = true port = smtp filter = sasl logpath = /var/log/mail.log maxretry = 5 [courierpop3] enabled = true port = pop3 filter = courierpop3 logpath = /var/log/mail.log maxretry = 5 [courierpop3s] enabled = true port = pop3s filter = courierpop3s logpath = /var/log/mail.log maxretry = 5 [courierimap] enabled = true port = imap2 filter = courierimap logpath = /var/log/mail.log maxretry = 5 [courierimaps] enabled = true port = imaps filter = courierimaps logpath = /var/log/mail.log maxretry = 5
Nun brauchen wir noch 5 Filter Dateien:

vi /etc/fail2ban/filter.d/pureftpd.conf
[Definition]
failregex = .*pure-ftpd: (.*@) [WARNING] Authentication failed for user.* ignoreregex =
vi /etc/fail2ban/filter.d/courierpop3.conf
# Fail2Ban configuration file
# # $Revision: 100 $ # [Definition] # Option: failregex # Notes.: regex to match the password failures messages in the logfile. The # host must be matched by a group named "host". The tag "" can # be used for standard IP/hostname matching and is only an alias for # (?:::f{4,6}:)?(?PS+) # Values: TEXT # failregex = pop3d: LOGIN FAILED.*ip=[.*:] # Option: ignoreregex # Notes.: regex to ignore. If this regex matches, the line is ignored. # Values: TEXT # ignoreregex =
vi /etc/fail2ban/filter.d/courierpop3s.conf
# Fail2Ban configuration file
# # $Revision: 100 $ # [Definition] # Option: failregex # Notes.: regex to match the password failures messages in the logfile. The # host must be matched by a group named "host". The tag "" can # be used for standard IP/hostname matching and is only an alias for # (?:::f{4,6}:)?(?PS+) # Values: TEXT # failregex = pop3d-ssl: LOGIN FAILED.*ip=[.*:] # Option: ignoreregex # Notes.: regex to ignore. If this regex matches, the line is ignored. # Values: TEXT # ignoreregex =
vi /etc/fail2ban/filter.d/courierimap.conf
# Fail2Ban configuration file
# # $Revision: 100 $ # [Definition] # Option: failregex # Notes.: regex to match the password failures messages in the logfile. The # host must be matched by a group named "host". The tag "" can # be used for standard IP/hostname matching and is only an alias for # (?:::f{4,6}:)?(?PS+) # Values: TEXT # failregex = imapd: LOGIN FAILED.*ip=[.*:] # Option: ignoreregex # Notes.: regex to ignore. If this regex matches, the line is ignored. # Values: TEXT # ignoreregex =
vi /etc/fail2ban/filter.d/courierimaps.conf
# Fail2Ban configuration file
# # $Revision: 100 $ # [Definition] # Option: failregex # Notes.: regex to match the password failures messages in the logfile. The # host must be matched by a group named "host". The tag "" can # be used for standard IP/hostname matching and is only an alias for # (?:::f{4,6}:)?(?PS+) # Values: TEXT # failregex = imapd-ssl: LOGIN FAILED.*ip=[.*:] # Option: ignoreregex # Notes.: regex to ignore. If this regex matches, the line is ignored. # Values: TEXT # ignoreregex =
Jetzt Restarten wir fail2ban:

/etc/init.d/fail2ban restart

17 Installieren von SquirrelMail

Um SquirrelMail webmail client zu installieren, starte

apt-get install squirrelmail
dann erstelle den folgenden Symlink für Squirrelmail und einen für PHPmyAdmin.

ln -s /usr/share/squirrelmail/ /var/www/webmail
ln -s /usr/share/phpmyadmin/ /var/www/phpmyadmin

…und konfiguriere SquirrelMail:

squirrelmail-configure
Wir müssen  SquirrelMail sagen, das wir Courier-IMAP/-POP3 benutzen:
SquirrelMail Configuration : Read: config.php (1.4.0) ——————————————————— Main Menu – 1. Organization Preferences 2. Server Settings 3. Folder Defaults 4. General Options 5. Themes 6. Address Books 7. Message of the Day (MOTD) 8. Plugins 9. Database 10. Languages D. Set pre-defined settings for specific IMAP servers C Turn color on S Save data Q Quit Gib ein: D SquirrelMail Configuration : Read: config.php ——————————————————— While we have been building SquirrelMail, we have discovered some preferences that work better with some servers that don't work so well with others. If you select your IMAP server, this option will set some pre-defined settings for that server. Please note that you will still need to go through and make sure everything is correct. This does not change everything. There are only a few settings that this will change. Please select your IMAP server: bincimap = Binc IMAP server courier = Courier IMAP server cyrus = Cyrus IMAP server dovecot = Dovecot Secure IMAP server exchange = Microsoft Exchange IMAP server hmailserver = hMailServer macosx = Mac OS X Mailserver mercury32 = Mercury/32 uw = University of Washington's IMAP server quit = Do not change anything Gib ein: courier imap_server_type = courier default_folder_prefix = INBOX. trash_folder = Trash sent_folder = Sent draft_folder = Drafts show_prefix_option = false default_sub_of_inbox = false show_contain_subfolders_option = false optional_delimiter = . delete_folder = true Press any key to continue… Taste drücken SquirrelMail Configuration : Read: config.php (1.4.0) ——————————————————— Main Menu – 1. Organization Preferences 2. Server Settings 3. Folder Defaults 4. General Options 5. Themes 6. Address Books 7. Message of the Day (MOTD) 8. Plugins 9. Database 10. Languages D. Set pre-defined settings for specific IMAP servers C Turn color on S Save data Q Quit Eingabe: S SquirrelMail Configuration : Read: config.php (1.4.0) ——————————————————— Main Menu – 1. Organization Preferences 2. Server Settings 3. Folder Defaults 4. General Options 5. Themes 6. Address Books 7. Message of the Day (MOTD) 8. Plugins 9. Database 10. Languages D. Set pre-defined settings for specific IMAP servers C Turn color on S Save data Q Quit Eingabe>>
Anschließend kannst du SquirrelMail unter http://server1.example.com/webmail oder http://192.168.0.100/webmail erreichen:

bild

4 Kommentar(e)

Zum Posten von Kommentaren bitte

Kommentare

Von: greyhound

Super Anleitung! Hatte nach der Installation nur das Problem, dass Postfix nur am lo lauschte. Überprüfen und einstellen kann man das in der /etc/postfix/main.cf: dort muss inet_interfaces = all stehen.


Von: grattu

Probleme mit FTP-Server
Ich nutze das Howto auf meinem STRATO-Server.
Es scheint auch alles zu funktionieren.
Leider bekomme ich keine Verbindung zum FTP-Server.
Ich erhalte als Fehlermeldung: "Authentifizierungs-Fehler"
Ich habe die Installation schon mehrfach vorgenommen, aber ohne Erfolg.
Ich kann natürlich mehr Infos geben, aber ich müßte erstmal wissen was.


Von: Till

Poste Deine Fragen bitte mal im forum.


Von: Xcantion

Wär zumindest einfacher um dein Problem zu lösen...
Dieses Howto hier ist lediglich eine Variante von vielen...