Search The ForumSearch   RegisterRegister  LoginLogin

AfterLogic WebMail Lite
 AfterLogic Forum : AfterLogic WebMail Lite
Subject Topic: More feedback - logs timestamps Post ReplyPost New Topic
Author
Message << Prev Topic | Next Topic >>
chrishermann
Newbie
Newbie


Joined: 30 May 2017
Location: United Kingdom
Online Status: Offline
Posts: 19
Posted: 17 June 2017 at 3:09pm | IP Logged Quote chrishermann
More feedback/bug/Q for you (I really like what I am seeing by the way)

I have been trying to get a fail2ban regex written but it was not picking up the ban HOST ip. I then noticed that the log timestamp is GMT (zulu) while system time is Europe/London (presently BST = zulu +1 hour). As I only have a 5 minute find time for the test it was not getting baned. Not sure if there is somewhere I can set the timestamp, I cannot find it if there is
Back to Top View chrishermann's Profile Search for other posts by chrishermann
 
Igor
AfterLogic Support
AfterLogic Support


Joined: 24 June 2008
Location: United States
Online Status: Offline
Posts: 6104
Posted: 19 June 2017 at 2:24am | IP Logged Quote Igor
In the logs, GMT is used indeed. Users' timezones may switch and that won't affect how server-side logging is performed.

--
Regards,
Igor, AfterLogic Support
Back to Top View Igor's Profile Search for other posts by Igor
 
chrishermann
Newbie
Newbie


Joined: 30 May 2017
Location: United Kingdom
Online Status: Offline
Posts: 19
Posted: 19 June 2017 at 1:54pm | IP Logged Quote chrishermann
That is really a show stopper. I have just spent three weeks on and off trying to debug SOGo not working with fail2ban which ultimately came down to a timestamp issue (I missed a setting in the configs which set the timestamp to match the system time).

On my live mailserver I ban failed logons for 10 years - I have nearly 1000 attempts in the last 6 months alone. Without an IDS like fail2ban, I would not deploy webmail8 (and I doubt I would be the only one) and I cannot do it without having the correct timestamp unless I am willing to manually change the fail2ban configs twice a year. I also cannot see why you would force GMT as the timestamp. It makes no sense to me. I am in the UK, so its not like its hours out, but US, Australia etc very different story.

I really think this is a bad design decision.
Back to Top View chrishermann's Profile Search for other posts by chrishermann
 

If you wish to post a reply to this topic you must first login
If you are not already registered you must first register

  Post ReplyPost New Topic
Printable version Printable version

Forum Jump

Powered by Web Wiz Forums version 7.9
Copyright ©2001-2004 Web Wiz Guide