-, Kamal Kishore (2024) Securing Postfix Mail servers from BruteForce attacks using containerization and Fail2ban. Masters thesis, Dublin, National College of Ireland.
PDF (Master of Science)
PDF (Configuration Manual)
Abstract
The growing frequency and severity of cyber-attacks call for comprehensive security measures for email servers. Postfix, a widely used mail transfer agent, is frequently the target of brute force attacks. Such incidents might result in unauthorized access, revealing sensitive information and interrupting communication services. Traditional security solutions, while useful to some extent, sometimes fall short of providing total coverage. Furthermore, coordinating authentication across numerous email-related services may be complicated and error-prone.
This paper addresses the essential issue of protecting email servers, notably Postfix, from such attacks while improving system management and scalability. The main issues addressed are the vulnerability of email servers to brute force attacks and the complexity of handling authentication across numerous services.
To solve these issues, this research installed Fail2Ban (as used by Makopa et al., 2023) on the same server on which Postfix and the other containers were configured, to successfully prevent brute force attacks. A custom Fail2Ban script was created to block the ports. Further, to accommodate multiple Postfix servers and to keep system users separate from mail users, Postfix and Dovecot were combined with MariaDB to provide central authentication, reducing administrative work while increasing security. Furthermore, a huge milestone was reached by converting Postfix and its dependent services, such as Dovecot, DKIM, and DMARC, to Podman containers, an invention that had never been described before.
The outcomes of these implementations were impressive. Fail2Ban successfully decreased the number of brute force attacks, improving the security of the Postfix server. The integration with MariaDB enabled a centralized administration system, which streamlined the authentication process across several services. The containerization of Postfix and its dependencies using Podman demonstrated greater portability, consistency, and deployment simplicity, marking an iconic moment in this sector.
Theoretically, this study contributes to the body of knowledge by illustrating an integrated approach to protecting and maintaining email servers that is consistent with current practices in cybersecurity and systems administration. Practically, the significant benefits are increased security, improved management, and higher deployment flexibility, which make the system more robust and easier to maintain.