HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=27)
-   -   Block all mail, access from certain countries using ipdeny.com data (http://www.howtoforge.com/forums/showthread.php?t=60991)

fatbear 17th March 2013 18:18

Block all mail, access from certain countries using ipdeny.com data
 
To try to decrease the flood of spam traffic (inbound e-mail, primarily, but also any other access from certain countries), I was told that I can configure my server to reject anything from certain countries.

For example, suppose I want to block all e-mail and access from IP addresses in China or Nigeria.

I have read some articles (e.g., How to Block All Email from a Country), but I want to make sure that however I do this, that it is an approach that is appropriate to use with ISPConfig.

By the way, it would be nice if ISPConfig had a feature that helps server maintainers do this. It is got to be one of the most painful aspects of server operation and I'm sure most all server operators would be grateful if ISPConfig could help them more directly.

Can anyone please provide some direction so that I can stop the flood of SPAM and other wasteful access?

Parsec 18th March 2013 06:08

Interesting, but you have to remember to try and not stop legitimate email.

Personally, I have use something like this but it's my own creation. I have (over time) built up a list of dodgy IP addresses and address blocks that are suspect. What I do is use the access feature of postfix, list them all in there (they are stored in a mysql db with a script that updates the access.cidr), that way I can give these IP's a reject, well error 554, message and direct them to a webpage which has a form they can complete (if they are a genuine sender) to get their IP removed from the list.

This avoids blacklisting legitimate senders (as long as they read the mailserver reply), but of course it does not block like using iptables, postfix just rejects their mail.

Postfix access manual - http://www.postfix.org/access.5.html


All times are GMT +2. The time now is 00:42.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.