Hi David, Try using this little script... -- snip -- #!/bin/bash logf="/var/log/blockip.log" mdate=`date +%c` mip=$1 ### must be root ### if [ `whoami` != "root" ]; then echo "" echo "$0 must be run as root" echo "" exit 1 fi;
if [ $mip == "--help" ]; then echo "========================================" echo "Help: Block single and subnet IP's" echo "========================================" echo "blockip 132.2.1.1" echo "blockip 132.1.0/24" echo "----------------------------------------" exit 1 fi; -- snip -- worked for me forever... Use qtp watchall to monitor the logs and use th output to manually block ips or subnets If you need more hit me off list. best wishes Tony White On 18/4/20 2:59 pm, David Bray wrote:
I can see I'm getting hammered on my smtps port How can I mitigate this? I can see the IP's in /var/log/qmail/smtps/current *but where do I actually see that the smtp auth actually fails ?* or do I need to increase the logging somewhere ? if I tail -f /var/log/dovecot.log I can see the imap and pop failures thanks in advance David Bray 0418 745334 2 ∞ & <
--------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
