On 5/24/24 9:33 AM, Matus UHLAR - fantomas via Postfix-users wrote:
On 24.05.24 07:36, John Hill via Postfix-users wrote:
What command do you use to reset the connection?
no command, just rule in OUTPUT chain:
1710 649K REJECT 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:25 match-set block-smtp dst reject-with icmp-port-unreachable
so any outgoing (dst) packet from TCP port 25 to IP address in ipset
"block-smtp" will result in icmp port unreachable.
It can be changed to tcp-reset.
I use NFtables. This is near what I use in the active table. I was
having so many multiple attempts, I had to block it immediately.
I'm not sure it would kill the current connection. But the change to
Postfix timing did.
--john
On 5/24/24 6:18 AM, Matus UHLAR - fantomas via Postfix-users wrote:
On 23.05.24 21:03, John Hill via Postfix-users wrote:
I use Fail2Ban to block the failed IP. The script writes it into
the nftables table immediately.
I think this keeps Postfix waiting and times out, not a big deal.
Is there a cli that my bash script could force disconnect the ip
from Postfix?
I use fail2ban in a way where incoming packets to port 25 get dropped
and outgoing packets from port 25 get reset, so smtpd should receive
info to close connection when first packet leaves.
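
An nftables form of the setup discussed in this thread (drop inbound packets to port 25 from banned addresses, reset outbound packets from port 25 to them), as an added example that is not any poster's actual ruleset. The table name `f2b_smtp` and set name `block_smtp` are assumptions, and 192.0.2.10 is a constructed documentation address.

```nftables
# Added example: load with `nft -f <file>`. Names are hypothetical.
table inet f2b_smtp {
    # Banned client addresses. A ban script would add entries with e.g.:
    #   nft add element inet f2b_smtp block_smtp { 192.0.2.10 }
    set block_smtp {
        type ipv4_addr
    }

    chain input {
        type filter hook input priority 0; policy accept;
        # New and in-flight packets from a banned client never reach smtpd.
        tcp dport 25 ip saddr @block_smtp drop
    }

    chain output {
        type filter hook output priority 0; policy accept;
        # The first packet smtpd sends to a banned client is rejected with a
        # TCP reset instead of icmp-port-unreachable, the change the thread
        # mentions ("It can be changed to tcp-reset").
        tcp sport 25 ip daddr @block_smtp reject with tcp reset
    }
}
```

If the ruleset already filters on connection state, these rules have to be evaluated before any `ct state established,related accept` rule, otherwise packets on the already-open session are accepted first and the ban only affects new connections.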