
CSF V2.87 not blocking IP with POP3-SSL

Posted: 13 Aug 2007, 15:59
by Marc
Hi,

CSF is configured to block an IP after 5 attempts to POP3 with these values:
LF_POP3D = 5
LF_POP3D_PERM = 900

This works fine when using the standard POP port 110.

When I switch to POP3-SSL using port 995, CSF doesn't detect POP failed logins.

Here is the content of the maillog file:
Aug 13 16:45:36 looping pop3d-ssl: LOGIN FAILED, user=xxx-yyy@domain_name.info, ip=[::ffff:81.246.242.199]
Aug 13 16:45:41 looping pop3d-ssl: LOGOUT, ip=[::ffff:81.246.242.199]
Aug 13 16:45:57 looping pop3d-ssl: LOGIN FAILED, user=xxx-yyy@domain_name.info, ip=[::ffff:81.246.242.199]
Aug 13 16:46:02 looping pop3d-ssl: LOGOUT, ip=[::ffff:81.246.242.199]
Aug 13 16:46:18 looping pop3d-ssl: LOGIN FAILED, user=xxx-yyy@domain_name.info, ip=[::ffff:81.246.242.199]
Aug 13 16:46:23 looping pop3d-ssl: LOGOUT, ip=[::ffff:81.246.242.199]
Aug 13 16:46:32 looping pop3d-ssl: LOGIN FAILED, user=xxx-yyy@domain_name.info, ip=[::ffff:81.246.242.199]
Aug 13 16:46:37 looping pop3d-ssl: LOGOUT, ip=[::ffff:81.246.242.199]
Aug 13 16:46:45 looping pop3d-ssl: LOGIN FAILED, user=xxx-yyy@domain_name.info, ip=[::ffff:81.246.242.199]
Aug 13 16:46:50 looping pop3d-ssl: LOGOUT, ip=[::ffff:81.246.242.199]
Aug 13 16:46:56 looping pop3d-ssl: LOGIN FAILED, user=xxx-yyy@domain_name.info, ip=[::ffff:81.246.242.199]
Aug 13 16:47:01 looping pop3d-ssl: LOGOUT, ip=[::ffff:81.246.242.199]


Any ideas?

Regards,

marc

Posted: 13 Aug 2007, 16:57
by chirpy
The regexes aren't checking for POP3 access over SSL (or IMAP over SSL for that matter).

I'll look at crafting some and will post and/or release in the next version.
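
An added example, not part of the thread and not CSF's own regexes: a Python sketch of the gap described above, comparing a pattern that only knows the `pop3d:` daemon name with one that also accepts the `-ssl` suffix for POP3 and IMAP. The sample log is constructed in the format Marc posted, and the names `PLAIN_ONLY`, `WITH_SSL`, `failed_logins` and `offenders` are hypothetical; the threshold of 5 is the LF_POP3D value from the post.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample in the maillog format quoted above (documentation-range IPs).
SAMPLE_LOG = """\
Aug 13 16:45:36 host pop3d-ssl: LOGIN FAILED, user=a@example.com, ip=[::ffff:192.0.2.10]
Aug 13 16:45:41 host pop3d-ssl: LOGOUT, ip=[::ffff:192.0.2.10]
Aug 13 16:45:57 host pop3d-ssl: LOGIN FAILED, user=a@example.com, ip=[::ffff:192.0.2.10]
Aug 13 16:46:18 host pop3d-ssl: LOGIN FAILED, user=a@example.com, ip=[::ffff:192.0.2.10]
Aug 13 16:46:32 host pop3d-ssl: LOGIN FAILED, user=a@example.com, ip=[::ffff:192.0.2.10]
Aug 13 16:46:45 host pop3d-ssl: LOGIN FAILED, user=a@example.com, ip=[::ffff:192.0.2.10]
Aug 13 16:50:01 host pop3d: LOGIN FAILED, user=b@example.com, ip=[::ffff:198.51.100.7]
Aug 13 16:50:09 host pop3d: LOGIN FAILED, user=b@example.com, ip=[::ffff:198.51.100.7]
Aug 13 16:50:20 host imapd-ssl: LOGIN FAILED, user=b@example.com, ip=[::ffff:198.51.100.7]
"""

# Narrow pattern: the literal "pop3d:" never matches a "pop3d-ssl:" line.
PLAIN_ONLY = re.compile(r"\spop3d: LOGIN FAILED, .*ip=\[(?P<ip>[^\]]+)\]")
# Broader pattern: optional "-ssl" suffix, covering both pop3d and imapd.
# The greedy ".*" binds to the last ip=[...] on the line, so an "ip=[...]"
# string typed into the user field is not the one captured.
WITH_SSL = re.compile(
    r"\s(?:pop3d|imapd)(?:-ssl)?: LOGIN FAILED, .*ip=\[(?P<ip>[^\]]+)\]")

THRESHOLD = 5  # LF_POP3D from the post


def normalize_ip(raw):
    """Collapse IPv4-mapped IPv6 (::ffff:a.b.c.d) to the plain IPv4 address."""
    addr = ipaddress.ip_address(raw)
    mapped = getattr(addr, "ipv4_mapped", None)
    return str(mapped) if mapped else str(addr)


def failed_logins(log_text, pattern):
    """Count LOGIN FAILED lines per source address for the given pattern."""
    counts = Counter()
    for line in log_text.splitlines():
        match = pattern.search(line)
        if match:
            try:
                counts[normalize_ip(match.group("ip"))] += 1
            except ValueError:
                pass  # skip lines whose ip=[...] field is not a valid address
    return counts


def offenders(log_text, pattern, threshold=THRESHOLD):
    """Addresses that reached the failure threshold, sorted for stable output."""
    counts = failed_logins(log_text, pattern)
    return sorted(ip for ip, n in counts.items() if n >= threshold)
```

Run against the sample, the narrow pattern sees only the two plain `pop3d` failures and flags nobody, while the broader one counts the five `pop3d-ssl` failures and flags that address.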