Koozali.org: home of the SME Server
  1. Koozali.org: home of the SME Server
  2. Legacy Forums
  3. General Discussion (Legacy)
  4. Topic: Stopping Emails from an IP Address
« previous next »
Pages: [1]   Go Down

Stopping Emails from an IP Address

  • 3 Replies
  • 1071 Views

Offline stancol

  • ****
  • 90
  • +0/-0
    • http://www.srcproductions.com
Stopping Emails from an IP Address
« on: April 12, 2004, 06:23:29 PM »
Does anyone know how to stop all emails from an IP address? I've been getting daily email virus's to one of my servers from an overseas IP address. I've contacted them several times and still they keep coming. All the other IP address owners I've contacted have managed to stop flooding the server with virs's messages. At this point I'd just like to stop all incoming requests, both HTTP, and SMTP, from this IP address.

Or if anybody has a better idea for stopping emails on SME server 6.0.1 let me know. I'm already running Clam Antivirus and Spamassassin on this server.
Logged
What are the three dots for at the end of my signature file and why can't I get rid of them?These three dots right here >...

bobk

Stopping Emails from an IP Address
« Reply #1 on: April 12, 2004, 06:35:37 PM »
Try this http://mirror.contribs.org/smeserver/contribs/aloveless/contribs/ipblock_inet/. According to the readme it will block ALL activity from an IP.
Logged

Offline stancol

  • ****
  • 90
  • +0/-0
    • http://www.srcproductions.com
Thanks but....
« Reply #2 on: April 12, 2004, 11:32:46 PM »
According to the contrib:

Quote
Description:
The IP Block Internet Access module allows you to configure specific IP
addresses that should not have Internet access through your SME Server gateway.

This contrib will allow you to block Internet access for specific IP's in 2
different ways.  
   1.  IP will be blocked all the time.  (You can manually add/remove the entry).  
   2.  You can schedule the time/day that you would like access to be blocked.


Looks like this is more on the inside of the NAT heading outside. Not on incoming ip addresses to the box.
Logged
What are the three dots for at the end of my signature file and why can't I get rid of them?These three dots right here >...

bobk

Re: Thanks but....
« Reply #3 on: April 13, 2004, 02:00:06 AM »
Quote from: "stancol"


Looks like this is more on the inside of the NAT heading outside. Not on incoming ip addresses to the box.



Sorry 'bout that, twas a late night.

You should be able to do what you want with iptables rules.
The templates are located at /etc/e-smith/templates/etc/rc.d/init.d/masq/. I am not up to speed on firewall rules so maybe someone with better knowledge can confirm that you will need a rule similar to:

Code: [Select]

/sbin/iptables --append INPUT -s xxx.xxx.xxx.xxx    -j DROP
/sbin/iptables --append INPUT -s xxx.xxx.xxx.xxx    -j DENY

    
I am not sure which of the above will work, maybe you will need both.

Do this in a custom template. Something like /etc/e-smith/templates-custom/etc/rc.d/init.d/masq/43MyBlackList.

Hope this at least gets you started.
Logged
Pages: [1]   Go Up
« previous next »
  1. Koozali.org: home of the SME Server
  2. Legacy Forums
  3. General Discussion (Legacy)
  4. Topic: Stopping Emails from an IP Address