Uploaded image for project: 'James Server'
  1. James Server
  2. JAMES-3819 [GSOC] James as a (distributed) MX server
  3. JAMES-3897

IP filtering with CrowdSec

    XMLWordPrintableJSON

Details

    • Sub-task
    • Status: Open
    • Major
    • Resolution: Unresolved
    • None
    • None
    • None
    • None

    Description

      Thanks to recommandation from a collegue Xavier GUIMARD, I discovered CrowdSec ( https://www.crowdsec.net/ ).

      CrowdSec is a free, modern & collaborative behavior detection engine, coupled with a global IP reputation network, based on IA behaviour refinement.

      Develop a third-party plugin for questionning crowdSec:

      • Create a SMTP EHLO hook questionning via a REST call the CrowdSec local agent
      • Create a mailet questionning via a REST call the CrowdSec local agent
      • Create a mailet to provision local CrowdSec database (for highest level of spam for instance)
      • Think about the interfaces we would need to question CrowdSec upon incoming IMAP connections
      • Externalize behaviour linked to failed login attempts (sleep, 3 failure connection closure) as configurable extensible plugins.
      • Use it to manage IP reporting to crowdSec, especially upon failed authentications (~fail2ban).

      Attachments

        Activity

          People

            Unassigned Unassigned
            btellier Benoit Tellier
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:

              Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0h
                0h
                Logged:
                Time Spent - 13h 50m
                13h 50m