Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 23rd November 2011, 13:18
pawan pawan is offline
Senior Member
 
Join Date: Jul 2010
Posts: 210
Thanks: 42
Thanked 5 Times in 5 Posts
Default how to block ips from mail server

I have blocked an IP using
route add -host 121.35.76.51 reject

but the same IP is still showing repeatedly in mail warn log for the login attempts like
Nov 23 03:57:20 server1 postfix/smtpd[27250]: warning: unknown[121.35.76.51]: SASL LOGIN authentication failed: authentication failure
Nov 23 03:57:21 server1 postfix/smtpd[27250]: warning: 121.35.76.51: hostname 51.76.35.121.broad.sz.gd.dynamic.163data.com.cn verification failed: No address associated with hostname
Nov 23 03:57:23 server1 postfix/smtpd[27250]: warning: unknown[121.35.76.51]: SASL LOGIN authentication failed: authentication failure
Nov 23 03:57:24 server1 postfix/smtpd[27250]: warning: 121.35.76.51: hostname 51.76.35.121.broad.sz.gd.dynamic.163data.com.cn verification failed: No address associated with hostname


Please help.
Reply With Quote
Sponsored Links
  #2  
Old 23rd November 2011, 18:28
pititis pititis is offline
Senior Member
 
Join Date: Dec 2010
Location: München
Posts: 364
Thanks: 38
Thanked 90 Times in 68 Posts
Default

You can use iptables:

iptables -A INPUT -s 121.35.76.51 -j DROP

or use fail2ban, it block automatically.

Cheers
Reply With Quote
  #3  
Old 23rd November 2011, 23:04
pawan pawan is offline
Senior Member
 
Join Date: Jul 2010
Posts: 210
Thanks: 42
Thanked 5 Times in 5 Posts
Default

I am already using fail2ban. but I think before fail2ban acts, the attempts to login runs in 100s of attempts, how can I set a rule that any failed attempts are acted upon immediately for say 5 failed attempts.
Thanks
Reply With Quote
  #4  
Old 25th November 2011, 17:39
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,735 Times in 2,571 Posts
 
Default

You can set the number of failed login attempts in your fail2ban configuration (in the /etc/fail2ban/ directory).
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Postfix/courier/Centos 6 cant send email to external email servers maxtorzito Installation/Configuration 14 7th October 2011 10:56
Sending email issue lezelf Installation/Configuration 15 9th August 2011 11:20
installing squirrelmail on Debian with ispconfig3 saco721 Installation/Configuration 18 1st April 2011 17:57
Webmail problems with only one domain? compner Installation/Configuration 14 16th February 2010 16:59
Webmail Relay Error palkat General 17 23rd April 2006 18:12


All times are GMT +2. The time now is 12:56.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.