Search found 22 matches

by derdanilo
Tue Oct 10, 2017 10:11 pm
Forum: Configuration
Topic: Weak ciphers
Replies: 0
Views: 53

Weak ciphers

According to "https://ssl-tools.net/mailservers/" Exim uses weak ciphers.
Would be nice to get that fixed.

Code: Select all

Weak ciphers supported

ECDHE_RSA_WITH_RC4_128_SHA
SSL_RSA_WITH_RC4_128_SHA


Thanks!
by derdanilo
Tue Oct 10, 2017 10:08 pm
Forum: Configuration
Topic: Fail2Ban global implementation
Replies: 2
Views: 76

Re: Fail2Ban global implementation

Nice!
by derdanilo
Tue Oct 10, 2017 10:08 pm
Forum: Configuration
Topic: URGENT! - Disable Wizard option
Replies: 3
Views: 74

Re: URGENT! - Disable Wizard option

Mailcleaner is very often installed on VPS and cloud instances without any additional firewall and just the local firewall. The Wizard should be disabled once run (end of the wizrad) on default without any further user interaction. This is a security hole in my oppinion, since it's blond to say that...
by derdanilo
Tue Oct 10, 2017 9:45 pm
Forum: Configuration
Topic: Disable user portal /login.php
Replies: 2
Views: 80

Re: Disable user portal /login.php

Thanks for your reply Florian.

Sorry if I missed that. I cannot keep track of what is written when and where in my spare time. To much going on in my head. :)
I just don't want to loose my thoughts.

Good news about f2b.
by derdanilo
Tue Oct 10, 2017 9:39 pm
Forum: Configuration
Topic: Custom SSH Port
Replies: 3
Views: 88

Re: Custom SSH Port

Thanks, that helps also. We solved it in the meantime with an itables config that runs every 15min.
But this should be available in GUI as well.

Thanks!
by derdanilo
Tue Oct 10, 2017 6:23 pm
Forum: Updates
Topic: Debian Jessie
Replies: 39
Views: 14088

Re: Debian Jessie

Hi Florian, didn't want to speed things up. Just asking... That's why I put the Smilie ==> :D As long as an system updated is released for the latest Debian at least 6 month before the official support stop it's fine. Just wanted to check on your plan, since Debian 6 was overdue to a long time. Than...
by derdanilo
Tue Oct 10, 2017 6:16 pm
Forum: Configuration
Topic: Using Letsencrypt certificate
Replies: 5
Views: 1274

Re: Using Letsencrypt certificate

I then wrote a basic php script to update the certificates in the mailcleaner MySQL database for both http and mysql. Finally, restart the mailcelaner http and smtp services. Hope this helps. PM me if you would like the php script I created. Would you be so kind and post your script or a link to gi...
by derdanilo
Thu Oct 05, 2017 7:40 pm
Forum: Updates
Topic: Debian Jessie
Replies: 39
Views: 14088

Re: Debian Jessie

Since we have Jessie now.
How is your upgrade path to Stretch?

Official Support for Jessie will be dropped next year and we don't want to fall into the same hole again, won't we? :)
by derdanilo
Thu Oct 05, 2017 6:55 pm
Forum: Configuration
Topic: Fail2Ban global implementation
Replies: 2
Views: 76

Fail2Ban global implementation

Fail2ban should be implemented for the webinterface and also the SMTP authentication service. When installed, fail2ban automatically handles SSH and other services. For a specific webpage it requires configuration. Please see to it to implement fail2ban on default, to close this security issue. With...
by derdanilo
Thu Oct 05, 2017 6:53 pm
Forum: Configuration
Topic: URGENT! - Disable Wizard option
Replies: 3
Views: 74

URGENT! - Disable Wizard option

It is urgently required to provide an option to disable the wizard and close the firewall rule for it as well. The Mailcleaner wizard is a security risk for everybody! I could not find any documentation on how to secure the server, so for now we just closed the firewall ourself. But the mailcleaner ...
by derdanilo
Thu Oct 05, 2017 6:50 pm
Forum: Configuration
Topic: Custom SSH Port
Replies: 3
Views: 88

Custom SSH Port

Please make it possible to configure the SSH port via GUI/CLI. We changed it manually but the firewall of mailcleaner is hardcoded so whenever the cron runs it just delets our custom firewall rule. For now we have a cron that runs every 5 min to just set the firewall rule to our custom port. But thi...
by derdanilo
Thu Oct 05, 2017 6:47 pm
Forum: Configuration
Topic: Disable user portal /login.php
Replies: 2
Views: 80

Disable user portal /login.php

Please make it possible to disable the user portal alltogether! We don't need our users to be able to login and it's just generating fails login log entries. Basically mailcleaner is beeing under constant dictionary attack. We installed fail2ban manually, but Mailcleaner does not support this. Fail2...
by derdanilo
Thu Jun 22, 2017 9:45 am
Forum: Feedback
Topic: MailCleaner 2017 Beta feedback
Replies: 145
Views: 10483

Re: MailCleaner 2017 Beta feedback

How to disable the Wizard?
I read it somewhere but cannot find this information anymore.
by derdanilo
Wed Jun 21, 2017 12:19 pm
Forum: Feedback
Topic: MailCleaner 2017 Beta feedback
Replies: 145
Views: 10483

Re: MailCleaner 2017 Beta feedback

Among all this, if one colleague or myself find some time to integrates Let's encrypt, it should be here before the end of the year. Thanks for the update! SNMP is not that important since we can do it via CLI, but would be better. - Can you provide the information where the certificates are stored...
by derdanilo
Wed Jun 21, 2017 10:13 am
Forum: Feedback
Topic: MailCleaner 2017 Beta feedback
Replies: 145
Views: 10483

Re: MailCleaner 2017 Beta feedback

I have two requests: - Please support Let's Encrypt for WebUI and TLS/SSL SMTP encryption. I am fine to set LE up manually via CLI, but your GUI requests the certificate data via GUI, so how do we solve this? - Support SNMP V3 with encryption and authentication. This should be easy to setup via gui ...

Go to advanced search