Hello,
I have built a new server running SOGo 5.12.1 from Debian 13 with
Memcache and Apache.
The SOGo filter I found in the Fail2ban package doesn't work, and on
Github I found the same not-working script:
https://github.com/Alinto/sogo/blob/master/Scripts/fail2ban/sogo-filter.conf
And it doesn't seem very simple to make one work either, because the new
text "tried wrong password for user" is on a different line than the IP
address what tried it:
May 05 00:29:45 sogod [1367]: 188.213.90.187 "REPORT /SOGo/dav/
[email protected]/Contacts/personal/ HTTP/1.1" 401 0/303 0.012 - - 0 - 12
May 05 00:29:45 sogod [1367]: <0x0x55dd3af7e3b0[SOGoDAVAuthenticator]>
tried wrong password for user '[email protected]'!
It would be possible to search for the 401, but I'm a bit afraid for
false positives.
Does anyone of you have a solution?
With regards,
Paul van der Vlis
--
Paul van der Vlis Linux systeembeheer Groningen
https://vandervlis.nl/
