Re: [qmailtoaster] SMTPS Port - Who is Failing ?

Sat, 18 Apr 2020 03:10:21 -0700 

Hi David,
  Sorry try this instead...

-- snip --
#!/bin/sh
logf="/var/log/blacklist_ip.log"
mdate=`date +%c`
### must be root ###
if [ `whoami` != "root" ]; then
        echo ""
        echo "$0 must be ran as root"
        echo ""
        exit 1
fi
export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
is_ip="grep -Ec 
'^[1-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9](\/[0-3]?[0-9])?$'"

if [ `echo $1 |eval $is_ip` != "1" ]; then
echo "$mdate Error in IP address $1" >> $logf
else
echo "$1" >> /opt/spamdyke/etc/blacklist_ip
echo "$mdate now dropping all packets from $1" >> $logf
fi
--snip --

best wishes
  Tony White
On 18/4/20 8:04 pm, Tony White wrote:


Hi David,
  Try using this little script...

-- snip --
#!/bin/bash
logf="/var/log/blockip.log"
mdate=`date +%c`
mip=$1
### must be root ###
if [ `whoami` != "root" ]; then
        echo ""
        echo "$0 must be run as root"
        echo ""
        exit 1
fi;

if [ $mip == "--help" ]; then
  echo "========================================"
  echo "Help: Block single and subnet IP's"
  echo "========================================"
  echo "blockip 132.2.1.1"
  echo "blockip 132.1.0/24"
  echo "----------------------------------------"
  exit 1
fi;

-- snip --

worked for me forever...
Use qtp watchall to monitor the logs and use th output to manually block ips or 
subnets

If you need more hit me off list.

best wishes
  Tony White
On 18/4/20 2:59 pm, David Bray wrote:


I can see I'm getting hammered on my smtps port

How can I mitigate this?

I can see the IP's in /var/log/qmail/smtps/current

*but where do I actually see that the smtp auth actually fails ?*

or do I need to increase the logging somewhere ?

if I tail -f /var/log/dovecot.log

I can see the imap and pop failures

thanks in advance

David Bray
0418 745334
2 ∞ & <



---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com




---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Reply via email to