1 Topic by kosmosfrs

  • kosmosfrs
  • Member
  • Offline
  • Registered: 2023-12-19
  • Posts: 3

Topic: CONNECT from

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release):     1.4.2
- Deployed with iRedMail Easy or the downloadable installer? downloadable installer
- Linux/BSD distribution name and version: CentOS Stream 8
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx):Nginx
- Manage mail accounts with iRedAdmin-Pro? no
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
How can you protect yourself from predatory connections or from this point of view?

ug 21 18:43:33 mail postfix/postscreen[2415933]: DISCONNECT [31.184.201.204]:42234
Aug 21 18:43:38 mail postfix/postscreen[2415933]: CONNECT from [31.184.201.205]:60562 to [192.168.168.5]:25
Aug 21 18:43:38 mail postfix/dnsblog[2415934]: addr 31.184.201.205 listed by domain zen.spamhaus.org as 127.0.0.3
Aug 21 18:43:44 mail postfix/postscreen[2415933]: DNSBL rank 3 for [31.184.201.205]:60562
Aug 21 18:43:44 mail postfix/postscreen[2415933]: DISCONNECT [31.184.201.205]:60562
Aug 21 18:43:49 mail postfix/postscreen[2415933]: CONNECT from [31.184.201.206]:55638 to [192.168.168.5]:25
Aug 21 18:43:49 mail postfix/dnsblog[2419965]: addr 31.184.201.206 listed by domain zen.spamhaus.org as 127.0.0.3
Aug 21 18:43:55 mail postfix/postscreen[2415933]: DNSBL rank 3 for [31.184.201.206]:55638
Aug 21 18:43:55 mail postfix/postscreen[2415933]: DISCONNECT [31.184.201.206]:55638
Aug 21 18:44:00 mail postfix/postscreen[2415933]: CONNECT from [31.184.201.207]:44624 to [192.168.168.5]:25
Aug 21 18:44:00 mail postfix/dnsblog[2419965]: addr 31.184.201.207 listed by domain zen.spamhaus.org as 127.0.0.3
Aug 21 18:44:06 mail postfix/postscreen[2415933]: DNSBL rank 3 for [31.184.201.207]:44624
Aug 21 18:44:06 mail postfix/postscreen[2415933]: DISCONNECT [31.184.201.207]:44624
Aug 21 18:44:11 mail postfix/postscreen[2415933]: CONNECT from [31.184.201.208]:24594 to [192.168.168.5]:25
Aug 21 18:44:11 mail postfix/dnsblog[2419965]: addr 31.184.201.208 listed by domain zen.spamhaus.org as 127.0.0.3
Aug 21 18:44:17 mail postfix/postscreen[2415933]: DNSBL rank 3 for [31.184.201.208]:24594
Aug 21 18:44:17 mail postfix/postscreen[2415933]: DISCONNECT [31.184.201.208]:24594
Aug 21 18:44:22 mail postfix/postscreen[2415933]: CONNECT from [31.184.201.209]:17096 to [192.168.168.5]:25
Aug 21 18:44:22 mail postfix/dnsblog[2419965]: addr 31.184.201.209 listed by domain zen.spamhaus.org as 127.0.0.3
Aug 21 18:44:28 mail postfix/postscreen[2415933]: DNSBL rank 3 for [31.184.201.209]:17096
Aug 21 18:44:28 mail postfix/postscreen[2415933]: DISCONNECT [31.184.201.209]:17096

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by Cthulhu

  • Cthulhu
  • Member
  • Offline
  • Registered: 2019-06-04
  • Posts: 907

Re: CONNECT from

You can't

3 Reply by jackb

  • jackb
  • Member
  • Offline
  • From: Ireland
  • Registered: 2019-05-06
  • Posts: 117

Re: CONNECT from

kosmosfrs wrote:

31.184.201.205

A Firewall that supports GEOIP Blocking something like pfSense with pfblockerng, you could also do ASN Blocking which blocks the entire Network.

Cthulhu wrote:

You can't

Yep you can.

Regards

4 Reply by kosmosfrs

  • kosmosfrs
  • Member
  • Offline
  • Registered: 2023-12-19
  • Posts: 3

Re: CONNECT from

jackb wrote:
kosmosfrs wrote:

31.184.201.205

A Firewall that supports GEOIP Blocking something like pfSense with pfblockerng, you could also do ASN Blocking which blocks the entire Network.

Cthulhu wrote:

You can't

Yep you can.

Regards

Thank you