NORMA eResearch @NCI Library

Securing Postfix Mail servers from BruteForce attacks using containerization and Fail2ban

-, Kamal Kishore (2024) Securing Postfix Mail servers from BruteForce attacks using containerization and Fail2ban. Masters thesis, Dublin, National College of Ireland.

Files:
PDF (Master of Science), 1MB
PDF (Configuration Manual), 2MB

Abstract

The growing frequency and severity of cyber-attacks call for comprehensive security measures for email servers. Postfix, a widely used mail transfer agent, is frequently the target of brute force attacks. Such incidents might result in unauthorized access, revealing sensitive information and interrupting communication services. Traditional security solutions, while useful to some extent, sometimes fall short of providing total coverage. Furthermore, coordinating authentication across numerous email-related services may be complicated and error-prone.

This paper addresses the essential issue of protecting email servers, notably Postfix, from such attacks while improving system management and scalability. The main issues addressed are the vulnerability of email servers to brute force attacks and the complexity of handling authentication across numerous services.

To solve these issues, this research installed Fail2Ban (as used by Makopa et al., 2023) on the same server on which Postfix and the other containers were configured, to prevent brute force attacks. A custom script in Fail2Ban was created for preventing the ports. Further, considering multiple Postfix servers and to keep system users separate from mailing users, Postfix and Dovecot were combined with MariaDB to provide central authentication, reducing administrative work while increasing security. Furthermore, a major milestone was reached by converting Postfix and its dependent services, such as Dovecot, DKIM, and DMARC, to Podman containers, an invention that had never been described before.

The outcomes of these implementations were impressive. Fail2Ban successfully decreased the number of brute force attacks, hence improving the security of the Postfix server. The integration with MariaDB enabled a centralized administration system, which streamlined the authentication process across several services. The containerization of Postfix and its dependencies using Podman demonstrated greater portability, consistency, and deployment simplicity, marking an iconic moment in this sector.

Theoretically, this study contributes to the body of knowledge by illustrating an integrated approach to protecting and maintaining email servers that is consistent with current practices in cybersecurity and systems administration. Practically, the significant benefits are increased security, improved management, and higher deployment flexibility, which make the system more robust and easier to maintain.

Item Type: Thesis (Masters)
Supervisors: Khan, Imran (Email: UNSPECIFIED)
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Z Bibliography. Library Science. Information Resources > ZA Information resources > ZA4150 Computer Network Resources > The Internet > Electronic Mail
T Technology > TK Electrical engineering. Electronics. Nuclear engineering > Telecommunications > The Internet > Electronic Mail
Q Science > Q Science (General) > Self-organizing systems. Conscious automata > Machine learning
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Ciara O'Brien
Date Deposited: 29 Jul 2025 09:25
Last Modified: 29 Jul 2025 09:25
URI: https://norma.ncirl.ie/id/eprint/8282
