Search found 26 matches

by derdanilo
Fri Oct 27, 2017 11:07 pm
Forum: The forum
Topic: Change Forum software + SSL and give it a reboot
Replies: 3
Views: 1457

Re: Change Forum software + SSL and give it a reboot

The forum still runs on plain http.
Even if it's "just" a community page.... SSL IS DEFAULT :!:

LE makes it possible to enable SSL free of any charge.

Please make the switch.
by derdanilo
Wed Oct 25, 2017 9:50 pm
Forum: Bugs and fixes
Topic: Error message (using default MC pw) appears but is wrong
Replies: 2
Views: 124

Error message (using default MC pw) appears but is wrong

The following error message appears but is wrong. I am not using the default password. Just tested it again.
This message appears out of the sudden.

System is not safe (on hosts: 1) : you are using the default MailCleaner password.


Please check as it is quiet annoying, always showing up.

Thanks!
by derdanilo
Sun Oct 22, 2017 4:09 pm
Forum: Configuration
Topic: Fail2Ban global implementation
Replies: 4
Views: 251

Re: Fail2Ban global implementation

Please also implement that fail2ban blocks IPs that constantly try to relay E-Mails directly to the server. If an IP hits more than 10-15 false Names to one domain, block it for a certain amount of time. The time block could be 1-7 days, everything below that doesn't really block. The server load is...
by derdanilo
Sat Oct 21, 2017 11:43 am
Forum: Configuration
Topic: SNMP monitoring
Replies: 1
Views: 2002

Re: SNMP monitoring

Since mailcleaner uses its own config and does NOT stick to any system default config file locations, it is very hard to keep snmp v3 monitoring up and running. @florian Please tell us where we can put our custom snmp config. The defaults ain't working and apparently the config is overwritten every ...
by derdanilo
Tue Oct 10, 2017 10:11 pm
Forum: Configuration
Topic: Weak ciphers
Replies: 0
Views: 186

Weak ciphers

According to "https://ssl-tools.net/mailservers/" Exim uses weak ciphers.
Would be nice to get that fixed.

Code: Select all

Weak ciphers supported

ECDHE_RSA_WITH_RC4_128_SHA
SSL_RSA_WITH_RC4_128_SHA


Thanks!
by derdanilo
Tue Oct 10, 2017 10:08 pm
Forum: Configuration
Topic: Fail2Ban global implementation
Replies: 4
Views: 251

Re: Fail2Ban global implementation

Nice!
by derdanilo
Tue Oct 10, 2017 10:08 pm
Forum: Configuration
Topic: URGENT! - Disable Wizard option
Replies: 3
Views: 247

Re: URGENT! - Disable Wizard option

Mailcleaner is very often installed on VPS and cloud instances without any additional firewall and just the local firewall. The Wizard should be disabled once run (end of the wizrad) on default without any further user interaction. This is a security hole in my oppinion, since it's blond to say that...
by derdanilo
Tue Oct 10, 2017 9:45 pm
Forum: Configuration
Topic: Disable user portal /login.php
Replies: 2
Views: 207

Re: Disable user portal /login.php

Thanks for your reply Florian.

Sorry if I missed that. I cannot keep track of what is written when and where in my spare time. To much going on in my head. :)
I just don't want to loose my thoughts.

Good news about f2b.
by derdanilo
Tue Oct 10, 2017 9:39 pm
Forum: Configuration
Topic: Custom SSH Port
Replies: 3
Views: 233

Re: Custom SSH Port

Thanks, that helps also. We solved it in the meantime with an itables config that runs every 15min.
But this should be available in GUI as well.

Thanks!
by derdanilo
Tue Oct 10, 2017 6:23 pm
Forum: Updates
Topic: Debian Jessie
Replies: 39
Views: 14888

Re: Debian Jessie

Hi Florian, didn't want to speed things up. Just asking... That's why I put the Smilie ==> :D As long as an system updated is released for the latest Debian at least 6 month before the official support stop it's fine. Just wanted to check on your plan, since Debian 6 was overdue to a long time. Than...
by derdanilo
Tue Oct 10, 2017 6:16 pm
Forum: Configuration
Topic: Using Letsencrypt certificate
Replies: 5
Views: 1512

Re: Using Letsencrypt certificate

I then wrote a basic php script to update the certificates in the mailcleaner MySQL database for both http and mysql. Finally, restart the mailcelaner http and smtp services. Hope this helps. PM me if you would like the php script I created. Would you be so kind and post your script or a link to gi...
by derdanilo
Thu Oct 05, 2017 7:40 pm
Forum: Updates
Topic: Debian Jessie
Replies: 39
Views: 14888

Re: Debian Jessie

Since we have Jessie now.
How is your upgrade path to Stretch?

Official Support for Jessie will be dropped next year and we don't want to fall into the same hole again, won't we? :)
by derdanilo
Thu Oct 05, 2017 6:55 pm
Forum: Configuration
Topic: Fail2Ban global implementation
Replies: 4
Views: 251

Fail2Ban global implementation

Fail2ban should be implemented for the webinterface and also the SMTP authentication service. When installed, fail2ban automatically handles SSH and other services. For a specific webpage it requires configuration. Please see to it to implement fail2ban on default, to close this security issue. With...
by derdanilo
Thu Oct 05, 2017 6:53 pm
Forum: Configuration
Topic: URGENT! - Disable Wizard option
Replies: 3
Views: 247

URGENT! - Disable Wizard option

It is urgently required to provide an option to disable the wizard and close the firewall rule for it as well. The Mailcleaner wizard is a security risk for everybody! I could not find any documentation on how to secure the server, so for now we just closed the firewall ourself. But the mailcleaner ...
by derdanilo
Thu Oct 05, 2017 6:50 pm
Forum: Configuration
Topic: Custom SSH Port
Replies: 3
Views: 233

Custom SSH Port

Please make it possible to configure the SSH port via GUI/CLI. We changed it manually but the firewall of mailcleaner is hardcoded so whenever the cron runs it just delets our custom firewall rule. For now we have a cron that runs every 5 min to just set the firewall rule to our custom port. But thi...

Go to advanced search