Firstly, thanks for looking. I have recently set up a postfix mailserver with dovecot using the following guide: https://www.linuxbabe.com/mail-server/ubuntu-18-04-iredmail-email-server
I have been monitoring the logs on /var/log/mail.log and the following entry keep showing every minute:
May 12 14:09:47 mail postfix/postscreen[32610]: CONNECT from [102.68.24.27]:59165 to [MYIP ADDRESS]:25 May 12 14:09:47 mail postfix/postscreen[32610]: PASS OLD [102.68.24.27]:59165 May 12 14:09:47 mail postfix/smtpd[32613]: warning: hostname yourcommunications.co.za does not resolve to address 102.68.24.27 May 12 14:09:47 mail postfix/smtpd[32613]: connect from unknown[102.68.24.27] May 12 14:09:47 mail postfix/smtpd[32613]: lost connection after EHLO from unknown[102.68.24.27] May 12 14:09:47 mail postfix/smtpd[32613]: disconnect from unknown[102.68.24.27] ehlo=1 commands=1
Please could someone help me block this ip from connecting?
I am on Ubuntu 20.04 using iredmail 1.4.0.
Any help would be greatly appreciated.
Look at these postfix anvil parameters:
anvil_rate_time_unit (default: 60s):The time unit over which client connection rates and other rates are calculated.
anvil_status_update_time (default: 600s):How frequently the anvil(8) connection and rate limiting server logs peak usage information.
smtpd_client_connection_count_limit (default: 50):The maximum number of connections that an SMTP client may make simultaneously.
smtpd_client_connection_rate_limit (default: no limit):The maximum number of connections that an SMTP client may make in the time interval specified with
anvil_rate_time_unit (default: 60s).smtpd_client_message_rate_limit (default: no limit):The maximum number of message delivery requests that an SMTP client may make in the time interval specified with
anvil_rate_time_unit (default: 60s).smtpd_client_recipient_rate_limit (default: no limit):The maximum number of recipient addresses that an SMTP client may specify in the time interval specified with
anvil_rate_time_unit (default: 60s).