Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Installation/Configuration
Reload this Page how to block ips from mail server
Register FAQ Members List Social Groups Calendar Search Today's Posts Mark Forums Read

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 23rd November 2011, 13:18
pawan pawan is offline
Senior Member
  
Join Date: Jul 2010
Posts: 189
Thanks: 38
Thanked 4 Times in 4 Posts
Default how to block ips from mail server
I have blocked an IP using
route add -host 121.35.76.51 reject

but the same IP is still showing repeatedly in mail warn log for the login attempts like
Nov 23 03:57:20 server1 postfix/smtpd[27250]: warning: unknown[121.35.76.51]: SASL LOGIN authentication failed: authentication failure
Nov 23 03:57:21 server1 postfix/smtpd[27250]: warning: 121.35.76.51: hostname 51.76.35.121.broad.sz.gd.dynamic.163data.com.cn verification failed: No address associated with hostname
Nov 23 03:57:23 server1 postfix/smtpd[27250]: warning: unknown[121.35.76.51]: SASL LOGIN authentication failed: authentication failure
Nov 23 03:57:24 server1 postfix/smtpd[27250]: warning: 121.35.76.51: hostname 51.76.35.121.broad.sz.gd.dynamic.163data.com.cn verification failed: No address associated with hostname


Please help.
Reply With Quote
Sponsored Links
  #2  
Old 23rd November 2011, 18:28
pititis pititis is offline
Senior Member
  
Join Date: Dec 2010
Location: München
Posts: 339
Thanks: 35
Thanked 75 Times in 61 Posts
Default
You can use iptables:

iptables -A INPUT -s 121.35.76.51 -j DROP

or use fail2ban, it block automatically.

Cheers
Reply With Quote
  #3  
Old 23rd November 2011, 23:04
pawan pawan is offline
Senior Member
  
Join Date: Jul 2010
Posts: 189
Thanks: 38
Thanked 4 Times in 4 Posts
Default
I am already using fail2ban. but I think before fail2ban acts, the attempts to login runs in 100s of attempts, how can I set a rule that any failed attempts are acted upon immediately for say 5 failed attempts.
Thanks
Reply With Quote
  #4  
Old 25th November 2011, 17:39
falko falko is offline
Super Moderator
  
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,665
Thanks: 1,896
Thanked 2,592 Times in 2,443 Posts
 
Default
You can set the number of failed login attempts in your fail2ban configuration (in the /etc/fail2ban/ directory).
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Reply

Bookmarks

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Postfix/courier/Centos 6 cant send email to external email servers maxtorzito Installation/Configuration 14 7th October 2011 10:56
Sending email issue lezelf Installation/Configuration 15 9th August 2011 11:20
installing squirrelmail on Debian with ispconfig3 saco721 Installation/Configuration 18 1st April 2011 17:57
Webmail problems with only one domain? compner Installation/Configuration 14 16th February 2010 16:59
Webmail Relay Error palkat General 17 23rd April 2006 18:12


All times are GMT +2. The time now is 09:43.

Contact Us - HowtoForge - Linux Howtos and Tutorials - Archive - Top

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2013, vBulletin Solutions, Inc.