About attacks that can't be prevented by using iptables

Asked 2 years ago, Updated 2 years ago, 140 views

I am receiving an SMTP SASL brute-force attack from the IP 185.234.217.194, and the brute-force attack continues even though I set the INPUT policy for this IP to DROP using iptables configuration files and commands.
Currently, I temporarily stopped Postfix, but I don't want to stop it all the time, so is there any solution?

Operating System: Debian 10
iptables is not legacy (not nft either)
Please let me know if you need any more information.

postfix iptables dovecot

2022-09-30 16:21

1 Answer

To restrict client access on Postfix, change main.cf and add check_client_access to smtpd_client_restrictions as follows:

Ex)
smtpd_client_restrictions =
    permit_mynetworks,
    reject_unknown_client
      :::
    check_client_access hash:/etc/postfix/reject_list   ← add this line
    permit

Then create the file /etc/postfix/reject_list to describe the IP or domain name that you want to deny in the form of "address REJECT".

Ex)
185.234.217.194 REJECT
spam.example.com REJECT

Build the hash DB and reload Postfix to apply the change.

# postmap /etc/postfix/reject_list
# postfix reload

There are many Postfix settings, so please read the documentation carefully and think about the appropriate security settings.


2022-09-30 16:21
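
The following Python script is an added example, not part of the original answer: it counts failed SASL logins per client IP in Postfix log lines and prints entries in the "address REJECT" format used by /etc/postfix/reject_list. The sample log lines, the threshold of 3 and the trusted network list are assumptions made for the illustration.

```python
import ipaddress
import re
from collections import Counter

# Postfix smtpd logs a failed SASL login as:
#   warning: <hostname>[<ip>]: SASL <mech> authentication failed: <reason>
SASL_FAIL = re.compile(
    r"postfix/(?:\w+/)?smtpd\[\d+\]: warning: \S+\[([0-9a-fA-F.:]+)\]: "
    r"SASL \S+ authentication failed"
)

# Constructed sample log; only 185.234.217.194 comes from the question.
SAMPLE_LOG = """\
Sep 30 16:20:01 mail postfix/smtpd[2101]: connect from unknown[185.234.217.194]
Sep 30 16:20:03 mail postfix/smtpd[2101]: warning: unknown[185.234.217.194]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Sep 30 16:20:09 mail postfix/smtpd[2101]: warning: unknown[185.234.217.194]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Sep 30 16:20:21 mail postfix/smtpd[2104]: warning: unknown[185.234.217.194]: SASL PLAIN authentication failed:
Sep 30 16:21:40 mail postfix/smtpd[2110]: warning: client.example.net[192.0.2.10]: SASL PLAIN authentication failed:
Sep 30 16:22:02 mail postfix/smtpd[2112]: warning: localhost[127.0.0.1]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Sep 30 16:22:03 mail postfix/smtpd[2112]: warning: localhost[127.0.0.1]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Sep 30 16:22:04 mail postfix/smtpd[2112]: warning: localhost[127.0.0.1]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
"""


def count_sasl_failures(log_text):
    """Return a Counter of failed SASL logins keyed by client IP."""
    hits = Counter()
    for line in log_text.splitlines():
        m = SASL_FAIL.search(line)
        try:
            if m:
                hits[str(ipaddress.ip_address(m.group(1)))] += 1
        except ValueError:
            pass  # bracketed field is not a valid IP address; skip the line
    return hits


def build_reject_list(log_text, threshold=3, trusted=("127.0.0.0/8",)):
    """Return 'address REJECT' lines for untrusted IPs at or above threshold."""
    nets = [ipaddress.ip_network(n) for n in trusted]
    return [
        f"{ip} REJECT"
        for ip, n in sorted(count_sasl_failures(log_text).items())
        if n >= threshold and not any(ipaddress.ip_address(ip) in t for t in nets)
    ]


if __name__ == "__main__":
    print("\n".join(build_reject_list(SAMPLE_LOG)))
```

Review the output before adding it to /etc/postfix/reject_list, then run postmap and postfix reload as the answer describes.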
