Blocking postfix traffic by IP

Discussion in 'Installation/Configuration' started by HackerJL, May 28, 2006.

  1. HackerJL

    HackerJL New Member

    Im viewing my logs monitoring any traffic and have found a lot of this:
    Code:
    May 28 14:45:28 tux postfix/smtpd[5294]: connect from unknown[198.169.113.164]
    May 28 14:45:28 tux postfix/smtpd[5294]: setting up TLS connection from unknown[198.169.113.164]
    May 28 14:45:28 tux postfix/smtpd[5294]: TLS connection established from unknown[198.169.113.164]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
    May 28 14:45:29 tux postfix/smtpd[5294]: disconnect from unknown[198.169.113.164]
    May 28 14:46:11 tux postfix/smtpd[5294]: connect from unknown[198.169.113.164]
    May 28 14:46:12 tux postfix/smtpd[5294]: setting up TLS connection from unknown[198.169.113.164]
    May 28 14:46:15 tux postfix/smtpd[5294]: TLS connection established from unknown[198.169.113.164]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
    May 28 14:46:16 tux postfix/smtpd[5294]: disconnect from unknown[198.169.113.164]
    What does it take to block all traffic into postfix for this IP address.

    On a second note. I also see a lot of this: (addresses changed for security)
    Code:
    May 28 14:51:59 tux postfix/local[5493]: 42222E8043: to=<[email protected]>, orig_to=<[email protected]>, relay=local, delay=8, status=sent (delivered to command: /usr/bin/procmail -f-)
    May 28 14:51:59 tux postfix/qmgr[3756]: 42222E8043: removed
    
    Should I worry about any of this?
     
  2. falko

    falko Super Moderator ISPConfig Developer

    You can block IP addresses from connecting to your server like this:

    Code:
    route add -host 1.2.3.4 reject
    where 1.2.3.4 is the IP address you want to block.

    That's ok. :)
     

Share This Page