Firewall blocks not working
-
Hello
last night I made 2 changes:
1- upgraded to 1.2-RC4
2- added a 2-nd WAN.We run a local mailserver. connections come in and out only on WAN1. For a long time I have blocked spamming i/p ranges.
After last night the blocks are not working.Here is a block rule:
<rule><type>block</type>
<interface>wan</interface>
<max-src-nodes><max-src-states><statetimeout><statetype>keep state</statetype>
<os><protocol>tcp</protocol>
<source><address>203.0.0.0/8</address>
<destination><any></any></destination></os></statetimeout></max-src-states></max-src-nodes></rule>
From our mail log:
Feb 21 10:12:40 fbc4.fantinibakery.com postfix/error[7239]: 7454597528: to=fanyu20031026@yahoo.com.tw, relay=none, delay=193440, delays=192339/1101/0/0, dsn=4.7.0,
status=deferred (delivery temporarily suspended: host mx2.mail.tw.yahoo.com[203.188.197.10] refused to talk to me: 421 4.7.0 [TS01] Messages from 70.91.216.121 temporarily deferred due to user complaints - 4.16.55.1; see http://postmaster.yahoo.com/421-ts01.html)Feb 21 10:12:40 fbc4.fantinibakery.com postfix/error[7260]: 793CB6EB7C: to=gufen1357@yahoo.com.tw, relay=none, delay=260821, delays=259719/1101/0/0, dsn=4.7.0, status=deferred (delivery temporarily suspended: host mx2.mail.tw.yahoo.com[203.188.197.10] refused to talk to me: 421 4.7.0 [TS01] Messages from 70.91.216.121 temporarily deferred due to user complaints - 4.16.55.1; see http://postmaster.yahoo.com/421-ts01.html)
We are getting thousands of spam email attempts per hour.
Could someone point me to a solution?
thanks
Rob/gufen1357@yahoo.com.tw/fanyu20031026@yahoo.com.tw -
If I read the logs correctly you are trying to SEND these mails out and not to receive them and run in a temporarily block on a server at 203.188.197.10? Maybe you have a bot inside your network?
-
Hello
you are correct these are sends .thanks, looks like problem is on my end.