search

mailcow / mailcow-dockerized

mailcow: dockerized - 🐮 + 🐋 = 💕
https://mailcow.email
GNU General Public License v3.0
8.98k stars 1.18k forks source link

Manage Fail2Ban externally toggle confusing #5610

Open domingo13 opened 11 months ago

domingo13 commented 11 months ago

Summary

With the release 2023-12 the feature "Manage Fail2Ban externally" turns up in the webui under Fail2ban parameters (https://github.com/mailcow/mailcow-dockerized/pull/5313).

I find it hard to read the toggle visually if it is on or off.

As the consequences of setting this to the wrong value is quite high I think there is missing some sort of text indication what the state is.

Motivation

If you expect that mailcow is actively blocking malicious IP's but you have misinterpreted the toggle you accidentally have opened an attack vector by not stopping the bad IP's.

Additional context

No response

DerLinkman commented 10 months ago

Thanks for your enhancement idea.

Can you please describe us how we could improve it in your eyes? I mean if you moan about it you might write a idea of improvement too...

domingo13 commented 10 months ago

Absolutely :-) A very explicit approach could be to change the text, so when you enable the setting it shows a warning (and a link to the api link on the page) that mailcow no longer will be dropping bad clients but you will need to feed the list into an external firewall.

Or it could be a simple popup banner saying are you sure you want to use external blocking.

Let me know if I make any sense.