2018-01-30 13:29 GMT+03:00 Matus UHLAR - fantomas <uh...@fantomas.sk>:
> On 30 Jan 2018 3:43 a.m., "Paul" <p...@netpresto.co.uk> wrote: >>> >>>> What is the source IP you see making connections to your new postfix >>>> server >>>> ? >>>> >>>> >>> On 30.01.18 09:28, jin&hitman&Barracuda wrote: >>> >>>> It is 172.27.203.20 >>>> >>> > 2018-01-30 12:03 GMT+03:00 Matus UHLAR - fantomas <uh...@fantomas.sk>: >> >>> this is also a private address and it should not appear in the public >>> internet. Should not be a problem between servers. >>> >>> If you see this IP when you connect to your postfix from the internet, >>> complain to your new ISP immediately. Connections from outside should not >>> be >>> NATted. >>> >> > once again, when you connect from outside to 213.14.BBB.59, do you see the > connection coming from 172.27.203.20? > > If so, this will hardly spoil any blacklisting or whitelisting and of > course > spam detection. Ask the ISP for not doing source NAT when connecting from > outside to inside. > > let's clear things up: >>> >>> - which IP do you have when mailing to the outside? >>> - which IP you have to connect from outside in order to get to your mail >>> server? >>> >> > On 30.01.18 13:01, jin&hitman&Barracuda wrote: > >> When I reach to another host, I see this address 213.74.AAA.114 as my >> source >> When I connect to new postfix I use this IP 213.14.BBB.59 >> > > no problem - you just need to have proper valir reverse (and forward) DNS > records for 213.74.AAA.114, while MX can point to 213.14.BBB.59 > > however I would ask the ISP if they can't provide the same IP, for easier > troubleshooting. > > -- > Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ > Warning: I wish NOT to receive e-mail advertising to this address. > Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. > - Have you got anything without Spam in it? > - Well, there's Spam egg sausage and Spam, that's not got much Spam in it. > Sorry I missed your questions. Yes I saw connections coming from 172.27.203.20 and it was me. I believe this setup is not fit mail servers. Becouse I prefer to use fail2ban for brute force attacks and fail2ban depends source IP address. In this setup I can't see source IP. Also I'll use iptables as a permanent filter for some IPv4 blocks (like china). Can anyone tell me that this setup has any benefit ? -- *There is no place like "/home"* *From HemiB A R R A C U D A !*
