Discussion:
Block incoming mail IP range
(too old to reply)
Linux
2014-08-04 06:41:26 UTC
Permalink
Hi,

Please guide, How to block range of IP's for incoming mail?

IP: 209.85.xxx.xxx





Thanks,



Ravi
ChandranManikandan
2014-08-04 08:22:43 UTC
Permalink
Hi Ravi,
Use in IPTABLES to block it.
Post by Linux
Hi,
Please guide, How to block range of IP's for incoming mail?
IP: 209.85.xxx.xxx
Thanks,
Ravi
--
*Thanks & Best Regards,Manikandan.C*
Hasan Akgöz
2014-08-04 11:01:00 UTC
Permalink
Hi;

/etc/tcprules/smtp.rules. click link for details :
http://thedjbway.b0llix.net/djbrbl/rbletc.html
Post by ChandranManikandan
Hi Ravi,
Use in IPTABLES to block it.
Post by Linux
Hi,
Please guide, How to block range of IP's for incoming mail?
IP: 209.85.xxx.xxx
Thanks,
Ravi
--
*Thanks & Best Regards,Manikandan.C*
Tony White
2014-08-04 11:26:43 UTC
Permalink
This is the script I have been using...

examples
at the cli ...

blockip 192.168.1.26
or
blockip 192.168.0.0/16
or
blockip 192.168.1.0/24

works immediately and creates a rc.blockedips file for use on reboot
to reinstate the currently blocked ip's.

-- snip blockip -----
#!/bin/bash
logf="/var/log/blockip.log"
mdate=`date +%c`
mip=$1
### must be root ###
if [ `whoami` != "root" ]; then
echo ""
echo "$0 must be run as root"
echo ""
exit 1
fi;

export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
is_ip="grep -Ec '^[1-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9](\/[0-3]?[0-9])?$'"

if [ `echo $1 |eval $is_ip` != "1" ]; then
echo "$mdate Error in IP address $1" >> $logf
echo "$mdate Error in IP address $1"
else
iptables -I INPUT -s $1 -j DROP
echo "iptables -I INPUT -s $1 -j DROP" >> /etc/rc.d/rc.blockedips
echo "$mdate now dropping all packets from $1" >> $logf
fi;

-- end snip ----
Post by ChandranManikandan
Hi Ravi,
Use in IPTABLES to block it.
Hi,
Please guide, How to block range of IP's for incoming mail?
IP: 209.85.xxx.xxx
Thanks,
Ravi
--
*/Thanks & Best Regards,
Manikandan.C
/*
Tony White
2014-08-04 11:31:15 UTC
Permalink
FWIIW

This is the reverse - unblockip script...

Examples must be exactly the same as those
used to blockip/range.

-- snip unblockip ---
#!/bin/sh
logf="/var/log/blockip.log"
mdate=`date +%c`
### must be root ###
if [ `whoami` != "root" ]; then
echo ""
echo "$0 must be ran as root"
echo ""
exit 1
fi
export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
is_ip="grep -Ec '^[1-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9](\/[0-3]?[0-9])?$'"

if [ `echo $1 |eval $is_ip` != "1" ]; then
echo "$mdate Error in IP address $1" >> $logf
else
iptables -D INPUT -s $1 -j DROP
echo "=== UNBLOCK IP ================" >> /etc/rc.d/rc.blockedips
echo "iptables -D INPUT -s $1 -j DROP" >> /etc/rc.d/rc.blockedips
echo "=== UNBLOCK IP ================" >> /etc/rc.d/rc.blockedips
echo "$mdate now allowing all packets from $1" >> $logf
fi

--- end snip ----


best wishes
Tony White
Post by Tony White
This is the script I have been using...
examples
at the cli ...
blockip 192.168.1.26
or
blockip 192.168.0.0/16
or
blockip 192.168.1.0/24
works immediately and creates a rc.blockedips file for use on reboot
to reinstate the currently blocked ip's.
-- snip blockip -----
#!/bin/bash
logf="/var/log/blockip.log"
mdate=`date +%c`
mip=$1
### must be root ###
if [ `whoami` != "root" ]; then
echo ""
echo "$0 must be run as root"
echo ""
exit 1
fi;
export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
is_ip="grep -Ec '^[1-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9]\.[0-2]?[0-9]?[0-9](\/[0-3]?[0-9])?$'"
if [ `echo $1 |eval $is_ip` != "1" ]; then
echo "$mdate Error in IP address $1" >> $logf
echo "$mdate Error in IP address $1"
else
iptables -I INPUT -s $1 -j DROP
echo "iptables -I INPUT -s $1 -j DROP" >> /etc/rc.d/rc.blockedips
echo "$mdate now dropping all packets from $1" >> $logf
fi;
-- end snip ----
Post by ChandranManikandan
Hi Ravi,
Use in IPTABLES to block it.
Hi,
Please guide, How to block range of IP's for incoming mail?
IP: 209.85.xxx.xxx
Thanks,
Ravi
--
*/Thanks & Best Regards,
Manikandan.C
/*
David Milholen
2014-08-15 22:19:22 UTC
Permalink
If you are just wanting to drop that block from sending mail
three ways
#1 Firewall Iptables
#2 Spamdyke blacklist_ip
#3 Tcp rules
Post by Linux
Hi,
Please guide, How to block range of IP's for incoming mail?
IP: 209.85.xxx.xxx
Thanks,
Ravi
--

Loading...