Results 1 to 4 of 4

Thread: Web Login IP Blocks

  1. #1
    r8escjohn's Avatar
    r8escjohn is offline Senior Member
    Join Date
    Jan 2008
    Location
    Columbia City IN
    Posts
    68
    Rep Power
    7

    Default Web Login IP Blocks

    I apologize if this has been asked many times over, but searched forums and not able to locate this exact question. Still in process of migrating our existing Web based mail system to Zimbra from external folks (Internal have been on Zimbra from about a year now and currently working to get our external folks that use only our outdated web based e-mail system to Zimbra...It has been a slow process...)
    In our old system I was able to limit access to our e-mail Webmail page by using config lines in the apache.conf file. Can I do something similar in Zimbra and if so where? I want the blocks to be allow all->disallow select ip ranges.
    We have had some issues in the past with folks from a certain Country (Starts with a 'Ni') loving to hack in and blast SPAM from us. I know I can do a firewall rule and will do if need be, just wondering if I can do that somewhere in the Zimbra setup.
    Note: I did run across this thread:
    Restricting external access
    and it did not seem to be what I was looking for....That said maybe I am just an idiot.. :-o
    Also, in Zimbra in what log do need to be looking to find HTTP access records, 'zimbra.log'? If Zimbra.log, what syntax do I need to grep for?
    Thanks!

  2. #2
    bdial's Avatar
    bdial is offline Moderator
    Join Date
    Jul 2007
    Location
    Baltimore
    Posts
    1,649
    Rep Power
    11

    Default

    do you have any kind of firewall protecting your server? if so you could just use acl's there. if not you could run iptables on the server itself.

    the audit.log is where you want to look for access log records. i'm not sure if it will tell you about failed login attempts or not.

  3. #3
    r8escjohn's Avatar
    r8escjohn is offline Senior Member
    Join Date
    Jan 2008
    Location
    Columbia City IN
    Posts
    68
    Rep Power
    7

    Default

    bdial,
    Thanks for the quick reply!
    I do have a PIX in front of that box and that is probally the way I will go. Just wondering if there was an 'easier' way in a Zimbra .conf file somewhere to do same thing. Thanks for the tip on the audit.log. Have it and looking at that now.

  4. #4
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,436
    Rep Power
    56

    Default

    Using a firewall can get messy and might be too restrictive. You would be better off (IMO) using spamassassin to block any spam coming into your system. You could start with some of the techniques in this article, the reject_unlisted_recipients and some good RBLs plus modifying your tag/kill percentages would be a good start. If you specifically want to implement a Country ban then take a look at this feature - try one change at a time and see how you get on.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. zmclamdctl is not running after upgrade
    By Darren in forum Installation
    Replies: 24
    Last Post: 10-10-2008, 09:10 AM
  2. [SOLVED] Web login directs user straight to calendar
    By vandehey in forum Administrators
    Replies: 3
    Last Post: 09-19-2008, 03:24 PM
  3. Web Client Interface - Intermittent login problems
    By sprocket in forum Installation
    Replies: 2
    Last Post: 11-19-2007, 06:14 PM
  4. Replies: 0
    Last Post: 10-31-2007, 07:22 AM
  5. Enabling ssl on port 8081 for zimbra web login (https)
    By Vivek k c in forum Administrators
    Replies: 5
    Last Post: 08-22-2007, 11:30 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •