My configuration I have a public hosted mailserver managed by ISPConfig and a private mailserver at my home managed by ISPConfig (fix ip address on the internet) The public server routes mails to my domains to my ip address at home. In the logs there are seen, beside the rerouted mails from the public server a lot of tries from every where, mail connection, sasl login tries etc. I want to block them. I tried mynetworks with the IP of my public mailer xx.xx.xx.xx/32, I tried to block the ip adresses of the penetranted IP adresses with fail2ban. Nothing helps. None of these attempts come through, but I like to block them at all, only request from my public mailer should came through. ned help hint.
So you mean you see on your internal mail system attempts from external systems beside your mail relay? In this case, the best option is to block all incoming connections on the email ports using a firewall like UFW and just allow the IP address of your external mail relay.
You must use the ufw command on the shell for that. Block the email ports in ISPConfig and then use ufw command to allow access for the email ports from the IP address of your relay system. But take care to check first that your system is really using ufw and not bastille firewall, you can see this under System > server config.
