On 13.10.21 10:29, Maurizio Caloro wrote:
please how i can block this knocking on the door*, try with this
example.....
*
*postscreen_access_list = permit_mynetworks,
hash:/etc/postfix/senderdomain,
what's this? postscreen does not support domains.
hash:/etc/postfix/whitelistIP,
why hash? cidr is preferred with postscreen.
you can put single IP into CIDR.
cidr:/etc/postfix/whitelistCIDR*
*cat ***/etc/postfix/whitelistIP**
**192.146.215.104 PERMIT
# Rejects
143.204.98.70 REJECT # Amazonses
**
*Oct - 10:19:07 mail postfix/smtps/smtpd[21759]: warning:
unknown[212.70.149.71]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct - 10:19:08 mail postfix/smtps/smtpd[21759]: lost connection after
AUTH from unknown[212.70.149.71]
Oct - 10:19:08 mail postfix/smtps/smtpd[21759]: disconnect from
unknown[212.70.149.71] ehlo=1 auth=0/1 rset=1 commands=2/3
Oct - 10:20:05 mail postfix/smtps/smtpd[21759]: connect from
unknown[212.70.149.71]
Oct - 10:20:08 mail postfix/smtps/smtpd[21759]: Anonymous TLS
connection established from unknown[212.70.149.71]: TLSv1.2 with
cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
I don't see 212.70.149.71 there.
And, postfix/smtps is on port 465 - I don't think you run postscreen on port
465 (you should not do that)
but without success*
use fail2ban
--
Matus UHLAR - fantomas, [email protected] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. -- Benjamin Franklin, 1759
