IP of a denied country still attempting login Postfix
Posted: 06 Mar 2023, 22:04
Hello,
I'm new in csf and trying it.
According to https://who.is/whois-ip/ip-address/46.148.40.63 I added to NL CC_DENY for a moment.
csf restart
But maillog still outputs
Mar 6 18:58:24 host postfix/smtpd[237898]: connect from unknown[46.148.40.63]
Mar 6 18:58:31 host postfix/smtpd[237898]: warning: unknown[46.148.40.63]: SASL LOGIN authentication failed: authentication failure
Mar 6 18:58:31 host postfix/smtpd[237898]: disconnect from unknown[46.148.40.63] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
I tried both available ip to country databases but nothing changes.
From Webmin panel Check Security I get a value of 42/42
Thank you
PS: Only after
Adding 46.148.40.63 to csf.deny and iptables DROP...
csf: IPSET adding [46.148.40.63] to set [chain_DENY]
it disappears of maillog list
PS2: After one day of installed and tested I got no one "Failed ... login" at lfd.log.
I'm new in csf and trying it.
According to https://who.is/whois-ip/ip-address/46.148.40.63 I added to NL CC_DENY for a moment.
csf restart
But maillog still outputs
Mar 6 18:58:24 host postfix/smtpd[237898]: connect from unknown[46.148.40.63]
Mar 6 18:58:31 host postfix/smtpd[237898]: warning: unknown[46.148.40.63]: SASL LOGIN authentication failed: authentication failure
Mar 6 18:58:31 host postfix/smtpd[237898]: disconnect from unknown[46.148.40.63] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
I tried both available ip to country databases but nothing changes.
From Webmin panel Check Security I get a value of 42/42
Thank you
PS: Only after
Adding 46.148.40.63 to csf.deny and iptables DROP...
csf: IPSET adding [46.148.40.63] to set [chain_DENY]
it disappears of maillog list
PS2: After one day of installed and tested I got no one "Failed ... login" at lfd.log.