About attacks that can't be prevented by using iptables

Asked 1 years ago, Updated 1 years ago, 119 views

SMTP SASL Bluetooth attack from IP of 185.234.217.194 and continuous Bluetooth attack with iptables configuration files and commands, even though this IP's INPUT policy was DROP.
Currently, I temporarily stopped Postfix, but I don't want to stop it all the time, so is there any solution?

Operating System: Debian 10
iptables is not legacy (not nft either)
Please let me know if you need any more information.

postfix iptables dovecot

2022-09-30 16:21

1 Answers

To restrict client access on Postfix, change main.cf and add check_client_access to smtpd_client_restrictions as follows:

Ex) smtpd_client_restrictions= 
 permit_mynetworks,
 reject_unknown_client
      :::
  check_client_access hash:/etc/postfix/reject_list ←adding
 permit

Then create the file /etc/postfix/reject_list to describe the IP or domain name that you want to deny in the form of "address REJECT".

Ex)
185.234.217.194 REJECT
spam.example.com REJECT

Hash DB and reload to reflect.

#postmap/etc/postfix/reject_list
# postfix reload

There are many Postfix settings, so please read the documentation carefully and think about the appropriate security settings.

2022-09-30 16:21

If you have any answers or tips

Popular Tags
python x 4647
android x 1593
java x 1494
javascript x 1427
c x 927
c++ x 878
ruby-on-rails x 696
php x 692
python3 x 685
html x 656
Popular Questions

536 Understanding How to Configure Google API Key

621 When building Fast API+Uvicorn environment with PyInstaller, console=False results in an error

533 PHP ssh2_scp_send fails to send files as intended

513 The method of the class of the application that I am creating in Typescript does not work as I expected.

547 /usr/bin/google-chrome:symbol lookup error:/usr/bin/google-chrome: undefined symbol:gbm_bo_get_modifier

© 2024 OneMinuteCode. All rights reserved.