Page 1 of 2 12 LastLast
Results 1 to 10 of 15

Thread: Block IP

  1. #1
    cartaysm is offline Active Member
    Join Date
    Mar 2011
    Posts
    44
    Rep Power
    4

    Default Block IP

    I am getting a lot of spam on my accounts from over seas IP addresses. I have been researching some ways to block all non USA IP's and have found the following;
    GEO IP
    .htaccess
    /etc/host.deny

    The problem I am having is that non of these actually block incoming IPs via email (unless of course I have just not found the right article yet that explains it the right way).

    I am looking for a way to block all non US IPs from sending emails, any suggestions?

  2. #2
    Yves Pires is offline Senior Member
    Join Date
    Jun 2011
    Posts
    52
    Rep Power
    4

    Default

    big percentage of spam source come from USA, so blocking other regions don't solve your problem at all.

    your accounts are getting hacked(brute force,virus) and sending SPAM?

    or

    your mailserver is getting bombarded with tons of SPAMS?

  3. #3
    cartaysm is offline Active Member
    Join Date
    Mar 2011
    Posts
    44
    Rep Power
    4

    Default

    Its not tons of spam, its maybe 10 a day coming into my accounts (not out) but all ips are from outside US so blocking all non US ips will solve my problem for now.

  4. #4
    dik23 is offline Advanced Member
    Join Date
    Dec 2010
    Location
    UK
    Posts
    224
    Rep Power
    4

    Default

    That's amazing !

  5. #5
    cartaysm is offline Active Member
    Join Date
    Mar 2011
    Posts
    44
    Rep Power
    4

    Default

    What is amazing? Do you have a suggestion to block a list of IPs from sending emails to my system?

  6. #6
    cartaysm is offline Active Member
    Join Date
    Mar 2011
    Posts
    44
    Rep Power
    4

    Default

    Nevermind just had an epiphany, instead of blocking a lot of useful IPs from my server, I will tighten down Spam filters, since the spam I am getting is spoofing the from field. Thanks for the help

  7. #7
    dik23 is offline Advanced Member
    Join Date
    Dec 2010
    Location
    UK
    Posts
    224
    Rep Power
    4

    Default

    That might be preferable to blacklisting ~95% of the worlds population.

    Have you looked at RBLs ?

  8. #8
    cartaysm is offline Active Member
    Join Date
    Mar 2011
    Posts
    44
    Rep Power
    4

    Default

    I have not, do you have any suggestions?

  9. #9
    void is offline Active Member
    Join Date
    Nov 2007
    Posts
    48
    Rep Power
    7

    Default

    I have the same issue and since most people will tell you that their SPAM comes from the US and not overseas, and that everybody in Korea is a saint, and nobody in Russian is trying to brute force me right now...

    OK anyway back to reality. The internet is hostile. You can block whoever you want. Ignore the hippies that tell you that you are a bad person because you want to block the world.

    Just remember, that you WILL block people you shouldn't. For example, some of your friends in North Washington might actually show up on Canadian IP addresses.

    OK so anyway you need to think about this backwards. (sign of a good sysadmin)

    Solution:
    Why block the world? Just block everything by default, and only allow the IPs you want. You can do this with a shell script, I wrote mine in like 5 minutes while drunk so... All I do is just toss every IP address in the US in to a file, and poke a hole to my server on port 25 only from those IPs.

    Basic firewall fundamentals right? It's easier to block the world, and allow only what you want, than to allow the world and only block a few people.

    And no, I'm not gonna write the shell script for you or post mine. I will point you to DNSstuff where you can easily get a list of all the IPs assigned to each country.

    Hopefully you are running Zimbra on linux so you can use IPTables.

    Cheers!
    Using:
    zcs-7.1.4_GA_2555.RHEL6_64.20120105094542

    On:
    CentOS 6.1
    Dual Xeon.Dell SC1425

  10. #10
    dik23 is offline Advanced Member
    Join Date
    Dec 2010
    Location
    UK
    Posts
    224
    Rep Power
    4

    Default

    Quote Originally Posted by cartaysm View Post
    I have not, do you have any suggestions?
    Search Google and these forums for Zimbra and RBLs

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 32
    Last Post: 03-18-2011, 11:03 AM
  2. [SOLVED] Changing Internet Provider/new ip block
    By mickier in forum Administrators
    Replies: 5
    Last Post: 12-03-2010, 03:08 PM
  3. zmclamdctl is not running after upgrade
    By Darren in forum Installation
    Replies: 24
    Last Post: 10-10-2008, 09:10 AM
  4. block IP address on failed login attemps
    By support.txdistlcms.org in forum Administrators
    Replies: 0
    Last Post: 10-25-2007, 11:14 AM
  5. HOWTO? Whitelist IP Block + SMTP Auth Users
    By stbain in forum Administrators
    Replies: 4
    Last Post: 09-19-2006, 11:42 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •