Page 1 of 1
IP range blocking
Posted: 30 Dec 2014, 13:35
by dvk01
If I block an IP range in csf/lfd for example 87.106.0.0/16 1&1 servers because I am fed up with the constant attacks by scripts from infected servers there
Will that also block emails being received by my mail server from 1& 1 customers, because unfortunately I do have some users who have a 1&1 (gmx) email address who do email me occasionally
Re: IP range blocking
Posted: 30 Dec 2014, 20:48
by marcele
dvk01 wrote:If I block an IP range in csf/lfd for example 87.106.0.0/16 1&1 servers because I am fed up with the constant attacks by scripts from infected servers there
Will that also block emails being received by my mail server from 1& 1 customers, because unfortunately I do have some users who have a 1&1 (gmx) email address who do email me occasionally
Yes adding the 1&1 subnet would block all ports to your server (including mail) by default.
You could however add an advanced allow rule to allow SMTP connections from the 87.106.0.0/16 subnet:
In /etc/csf/csf.allow you would add:
This means allow TCP to port 25 from the 87.106.0.0/16 subnet.
See the "Advanced Allow/Deny Filters" in the readme.txt for more info. (You could even create a deny rule for just port 80 coming from the 1 & 1 subnet also):
http://download.configserver.com/csf/readme.txt
I hope this helps!