Here are a few suggestions to help strengthen your Carbonio server security:

To Restrict POP3/IMAP/SMTP Access to Specific IPs, You can use iptables to allow only trusted IPs to access mail ports. Additionally, adjust mynetworks in Postfix to limit message relaying. Consider setting up fail2ban to monitor and block suspicious activity on mail-related ports and services to protect Against Brute-force Attacks. Carbonio CE currently doesn't support CAPTCHA on the web login page. However, you can enable Failed Login Policies from the Admin Panel to lock accounts after multiple failed attempts.

Keep in mind that custom configurations may be overwritten during upgrades, so make sure to back them up or reapply if necessary.

I see a lot of activity in /var/log/carbonio.log

It looks like my mail server requires more securing to do..

Would be grateful if someone could send pointers on how to do the following:

1. only allow POP3/IMAP/SMTP from certain IPs

2. add captcha on web login form

Thanks..

Tanka