How to block an IP address in Plesk Firewall




  • Avatar
    Peter Kielbasiewicz

    I have blocked some IPs according to the given recipe but they still show up in mail.log on my Ubuntu 16LTS server.

    iptables -L -n | grep DROP shows the banned IP but in mail.log I still see lines like this:

    Oct 7 08:29:10 h2731456 postfix/smtpd[15954]: connect from unknown[]
    Oct 7 08:29:10 h2731456 plesk_saslauthd[15957]: failed mail authentication attempt for user '' (password len=7)


    Comment actions Permalink
  • Avatar
    Taras Ermoshin

    @Peter Kielbasiewicz Hello!

    Make sure that all TCP ports used by SMTP - 25, 465, 587 - are added in the Ports section of the rule.

    Also, consider using Fail2Ban to protect from brute force attacks (there is already "plesk-postfix" jail in the Fail2Ban shipped with Plesk).

    Comment actions Permalink

Please sign in to leave a comment.

Have more questions? Submit a request