Using GeoIP to block or allow country connections

This section contains scripts that hMailServer has contributed with. hMailServer 5 is needed to use these.
percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Using GeoIP to block or allow country connections

Post by percepts » 2009-11-02 07:17

http://www.maxmind.com/ provide free IP lookup tables which can be implemented to either allow certain countries or block them from connecting to your hMailServer. The free database claims 99% accuracy and is updated each month.

here's how I did it.

create a sub folder in your hmailserver programs folder called 'geoip'

download the free database (updated monthly) from

http://geolite.maxmind.com/download/geo ... oIP.dat.gz

unzip and place it in the folder you just created (hmailserver\geoip)

the unzipped file should be called GeoIP.dat

Read Microsoft COM section at

http://dev.maxmind.com/geoip/legacy/downloadable

Download the COM API zip file from the link on page. or from following link

http://www.maxmind.com/GeoIP-COM-1.3.zip

32bit OS users:
unzip GeoIP-COM-1.3.zip and place the file GeoIpComEx.dll into your windows\system32 folder
then:

run windows command prompt and enter the following two commands.

cd windows\System32
regsrv32.exe GeoIpComEx.dll

then reboot pc and continue skipping the 64bit OS users section

64bit OS users:
unzip GeoIP-COM-1.3.zip and place the file GeoIpComEx.dll into your windows\sysWOW64 folder
then:

run windows command prompt as administrator and enter the following two commands.

cd windows\SysWOW64
regsrv32.exe GeoIpComEx.dll

(N.B. some people report problems with installing 32bit dll on 64bit windows. If after completing full instructions below you have problems using GeoIpComEx.dll you can try downloading the "MS COM API Guide for 64bit machines" from http://www.maxmind.com/GeoIP_MSCOM_64bit.pdf and follow instructions for full installation/registering of dll. And please check events log to see what problem is.)

then reboot pc and continue below

then both 32bit and 64bit OS users:
edit your hMailServer EventHandlers.vbs script file to include the following code in the OnClientConnect event handler section.

Code: Select all

 Dim geoip
 Result.Value = 1
 set geoip = CreateObject("GeoIPCOMEx.GeoIPEx")
 geoip.set_db_path("c:\Program files\hmailserver\geoip\")
 geoip.find_by_addr(oClient.IPAddress)
 country = geoip.country_code

If (country = "LH" ) Then
  Result.Value = 0
 End if    
 If (country = "LN" ) Then
  Result.Value = 0
 End if
 If (country = "GB" ) Then
  Result.Value = 0
 End if
 If (country = "US" ) Then
  Result.Value = 0
 End if
 If (country = "SE" ) Then
  Result.Value = 0
 End if
 If (country = "DE" ) Then
  Result.Value = 0
 End if 
 If (country = "FR" ) Then
  Result.Value = 0
 End if 

 If (Result.Value = 1 ) Then  ' Rejected
  EventLog.Write("Geo-IP rejected:"+Chr(34)+vbTab+oClient.IPAddress+vbTab+Chr(34)+geoip.country_code+" "+geoip.country_name)
 End if
change the path in line geoip.set_db_path("c:\Program files\hmailserver\geoip\")
to point to where ever you put your geoIP.dat file.
save EventHandlers.vbs file and then in the hmailsever script page reload the scripts.
You're good to go.

What this will actually do is block any IP which is not in the listed countries from connecting to your mailserver. The country codes LH and LN mean localhost and Local area Lan so both should always be included in the inclusion list or removed if you decide to make an exclusion list (see below).

The way I have set it up, it will only allow through a few selected countries. You can take the opposite approach and and only block selected countries by changing default Result.value to 0 (towards top of code) and setting the Result.value to 1 for each selected country.
Obviously you can add or subtract as many countries as you like.

N.B. GB is the correct code for the United Kingdom. I assumed it was UK and spent a lot of time head scratching as to why it wouldn't work.

I never programmed in VBScript before so I'm sure someone can improve the list by putting it in a loop...

*** WARNING ***
Implement this at your own risk...
this will block every IP from a given country so users of gmail, hotmail, yahoo and all the other online mail providers will be blocked if they are being sent from servers in one of the blocked countries. So it is probably not a good idea to block the US even if you do get some spam from them.

The Pros
If you are receiving thousands of spam messages everyday from certain countries, this will stop those mails from ever reaching your server and reduce log file sizes significantly as well as reduce spam processing and communications with other mail severs. And since it blocks the initial connect before mail message is transferred, it will also lose all the log file messages for attempts to deliver to unknown users.

Only one call to a local binary lookup file is required to get the country code so performance is reasonable.
For optimum performance it may be better to download the csv file and load a mysql or mssql db and modify code to lookup from db. This is becaue the geoip.dat file is 800K or so in size and I don't think it stays in memory from one ip lookup to the next but not too sure about that.

The Cons
You could easily lose genuine emails from countries you have blocked. But then how often do you get real messages from foreign countries. That's your call and depends on where you are doing business and which country you are based in.
To keep IP list uptodate you have to download the GeoIP.dat database file monthly but you can easily automate that using scheduled task or using the maxmind API for it (see their site). Its not a problem if you don't update it monthly but best to do it fairly regularly.

Have fun....

Addition:
to cycle the event log file create a .vbs file on your system with the code below.

To be run using windows task scheduler so you can set frequency to whatever you like as long as its no shorter than 24 hours(daily).

The archived log file is given the previous days date so it represents event log data upto that date from previous log file date. (more or less)
Be sure to set your password in the authenticate step.
Its just a simple rename of the events log file.
HMS is closed to release the log file and restarted again after the rename.
The new log file is created automatically by HMS next time it tries to write to it.

Code: Select all

Set WshShell = Wscript.CreateObject("Wscript.Shell")
Set oLog = CreateObject("hMailServer.Logging")
Set oApp = CreateObject("hMailServer.Application")
Set oFSO = CreateObject("Scripting.FileSystemObject")
LogDate = DateAdd("d", -1, Date)
myMonth = Right("0"+CStr(Month(LogDate)),2)
myDay = Right("0"+CStr(Day(LogDate)),2)
OldName = oLog.CurrentEventLog
NewName = Left(oldName,(Len(OldName) - 4)) + "_" + CStr(Year(LogDate))+"-"+myMonth+"-"+myDay + ".log"
If oFSO.FileExists(NewName) = False Then
    Call oApp.Authenticate("Administrator", "mypass")
    Call oApp.Stop
    oFSO.MoveFile OldName , NewName
    Call oApp.Start
End If
Set WshShell = Nothing
Last edited by mattg on 2013-05-21 05:14, edited 18 times in total.
Reason: changed wording as per percept's request

dvdbrwn112
New user
New user
Posts: 1
Joined: 2009-11-02 06:36

Re: Using GeoIP to block or allow country connections

Post by dvdbrwn112 » 2009-11-02 09:14

HI, I am david and i am new to this forum. This is my first post on this forum. I read this article and i like it so much. Max mind's application is really good.
We can block the ip not only the contry-wise but also a city-wise.
We can also unblock them. Their credit card fraud's white paper is really good. You can minimize the credit card frauds.

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Using GeoIP to block or allow country connections

Post by percepts » 2009-11-02 09:24

No you can't block city wise. Well you can implement city blocking but the IP location will be at the ISP registered address which may be in a different town/city from where their servers are located which may be in a different town/city from where the user is located. In other words, the city location is useless except for the few who have bought private IP numbers and register them at the same location as where their severs and end users are located. and you don't know who they are. So its not so clever.
dvdbrwn112 wrote:HI, I am david and i am new to this forum. This is my first post on this forum. I read this article and i like it so much. Max mind's application is really good.
We can block the ip not only the contry-wise but also a city-wise.
We can also unblock them. Their credit card fraud's white paper is really good. You can minimize the credit card frauds.

Infodine
New user
New user
Posts: 15
Joined: 2007-09-03 18:46

Re: Using GeoIP to block or allow country connections

Post by Infodine » 2009-12-08 08:02

Hi,

Is there a way to add a check to see the domain the message is to?

For example if I have one guy on xyz.com that wants to use the
IP check and one guy aaa.com that doesn't, is there a way I can
put in a case or if so that I can apply this lookup to certain domains
based on where the email is addressed to? joe@xyz.com = use your IP lookup,
ken@aaa.com, don't use it. Do you get to look at the emails TO:
before you reject, or is it automatic based on just the ip?

Question: If someone is on the whitelist, and the country is banned,
will the message come through. Does the script come before Whitelist?
Anyway to check Whitelist before banning the connection? Probably
not if you reject the connection and don't see the email at all.

Thanks for any help with this.

Infodine

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Using GeoIP to block or allow country connections

Post by percepts » 2009-12-21 08:07

Not possible in this implementation because this script is executed before the email is delivered to hms. This script is a connection block on IP number alone. It leaves no trace in your log files as the initial connection is rejected before it even sends anything to hms.
I've been running this since I wrote it and it works like a charm.

Infodine
New user
New user
Posts: 15
Joined: 2007-09-03 18:46

Re: Using GeoIP to block or allow country connections

Post by Infodine » 2009-12-21 08:33

Hi,

I'd love to block all and have a handful of good countries to allow
except I have one client that needs a lot of countries because of
her business. If there was a way to check the header for where
the email is going (domain) and use your blocking on only some
domains who want it on the server instead of a blanket for all.

I guess I'll have to dig into scripting over the holidays because the
spam has just gone nuts lately, not sure if it is because December
hit or what but it has been crazy. I use the blacklists but they must
be rotating IPs or something. I can't have the delays that greylisting
will cause.

Infodine

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Using GeoIP to block or allow country connections

Post by percepts » 2009-12-21 09:03

Get that one client to use a gmail address as their replyto address. Then setup that gmail account to forward to their own domain email address.
Send outgoing email from their own domain email address. That way anyone worldwide can send email via gmail and gmail is very good at filtering spam. Just don't block the US.

Anyone trying to send direct to their domain name emails will get blocked if not one of the accepted countries.

mns17
Normal user
Normal user
Posts: 124
Joined: 2008-06-18 11:13

Re: Using GeoIP to block or allow country connections

Post by mns17 » 2009-12-21 13:23

http://countries.nerd.dk/isolist.txt

Settings - antispam - dns blacklist - add

example for US:

DNS host: us.countries.nerd.dk
Expected result: 127.0.3.72
message: Rejected by countries 'us' vist http://countries.nerd.dk/
Score: 3

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Using GeoIP to block or allow country connections

Post by percepts » 2009-12-27 12:24

the geoip.dat file as linked to in first post of this thread works fine. You may have a problem in downloading or unzipping gzip files if you needed to get a .zip version.

I use the same geoip.dat file in awstats for geo-ip location lookups on web hits and it works fine too ( much faster than reverse dns lookups).

Good to know someone found it useful.

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Using GeoIP to block or allow country connections

Post by percepts » 2009-12-27 23:56

I think it is your system which is causing the download problem. The GeoIp.dat.gz file is currently 485Kb as downloaded from the maxmind site using the link I gave.

Logging? Don't know. You may be able to modify script but would have to check what's available in the HMS API.

As for awstats, you need to install the following from cpan:

http://search.cpan.org/dist/Geo-IP-PurePerl-1.23/

and then for me the geoip.dat file goes into:

program files\perl\site\lib\geo\IP

then activate plugin in awstats conf

LoadPlugin="geoip GEOIP_STANDARD c:\program files\perl\site\lib\geo\ip\GeoIP.dat"

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Using GeoIP to block or allow country connections

Post by percepts » 2009-12-28 00:28

Logging? Don't know. You may be able to modify script but would have to check what's available in the HMS API.

Does that mean you aren't interested?
No it means I see no value in the data. You can't stop the attempts. You only get the IP and you can't report it because without the mail it was going to try and send you don't know if it was spam or not. All it will tell you is that you rejected a connection. What are you going to do with that data? If you want to log then don't use the script and use normal spam filtering and everything will be logged as before.

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Using GeoIP to block or allow country connections

Post by percepts » 2009-12-28 02:31

horndog wrote:
...All it will tell you is that you rejected a connection
That is exactly what I want :) I can cross reference rejected connections to some one complaining about a missing email. If there is a discrepancy I'll have the choice of updating GeoIp.dat, adding a country or not using the script. Bottom line I will use it as a diagnostic tool.
Just for you I modified the script in first post of thread ( 3 new lines at bottom).

It writes a single line to event log for every rejected connection. Still not sure what use it will be because if you have a spam attack from any country you will likely have hundreds of reject messages which won't tell you if the reason the one email was missing was because of the rejects. You won't know what IP the message was coming from.

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Using GeoIP to block or allow country connections

Post by percepts » 2009-12-28 05:04

moded the event log message to include full country name ( I'm never sure which country all the 2 char codes are )

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Using GeoIP to block or allow country connections

Post by percepts » 2009-12-28 06:28

from geoip.dat
There is no internet lookup with this solution which makes it much faster.

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Using GeoIP to block or allow country connections

Post by percepts » 2009-12-28 14:36

modded the eventlog output again to make it easier to play with. i.e. tab delimited so now you can sort on country and IP if you like to spend time looking at these things.

DeanoX
Senior user
Senior user
Posts: 480
Joined: 2005-11-05 00:07
Location: Michigan

Script Error

Post by DeanoX » 2009-12-29 19:32

I am trying this out, but I am getting an error.

The error,

Code: Select all

Script Error: Source: Microsoft VBScript runtime error - Error: 800A01A8 - Description: Object required: 'Result' - Line: 3 Column: 0 - Code: (null)
And my eventhandler.vbs,

Code: Select all

'   Sub OnClientConnect(oClient)
Dim geoip
Result.Value = 1
set geoip = CreateObject("GeoIPCOMEx.GeoIPEx")
geoip.set_db_path("c:\Program files\hmailserver\geoip\")
geoip.find_by_addr(oClient.IPAddress)
country = geoip.country_code

If (country = "LH" ) Then
  Result.Value = 0
End if   
If (country = "LN" ) Then
  Result.Value = 0
End if
If (country = "GB" ) Then
  Result.Value = 0
End if
If (country = "US" ) Then
  Result.Value = 0
End if
If (country = "SE" ) Then
  Result.Value = 0
End if
If (country = "DE" ) Then
  Result.Value = 0
End if
If (country = "FR" ) Then
  Result.Value = 0
End if

If (Result.Value = 1 ) Then  ' Rejected
  EventLog.Write("Geo-IP rejected:"+Chr(34)+vbTab+oClient.IPAddress+vbTab+Chr(34)+geoip.country_code+" "+geoip.country_name)
End if
'   End Sub

'   Sub OnAcceptMessage(oClient, oMessage)
'   End Sub

'   Sub OnDeliveryStart(oMessage)
'   End Sub

'   Sub OnDeliverMessage(oMessage)
'   End Sub

'   Sub OnBackupFailed(sReason)
'   End Sub

'   Sub OnBackupCompleted()
'   End Sub
Any idea what may be wrong? I followed the directions.

DeanoX
Senior user
Senior user
Posts: 480
Joined: 2005-11-05 00:07
Location: Michigan

Re: Script Error

Post by DeanoX » 2009-12-29 19:53

Thanks, that fixed the error. :oops:

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Using GeoIP to block or allow country connections

Post by percepts » 2009-12-29 22:53

horndog wrote:
horndog wrote:... Is this new feature for importing this data into a spread sheet?
After my event logs where populated with some data I can now see how the "tab delimited" feature makes the columns line up nicely. That is a nice addition!
Infact I tweaked the log message again since I last said. You can now just send it to excel and everything is split into columns nicely for sorting.

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Using GeoIP to block or allow country connections

Post by percepts » 2009-12-30 00:57

horndog wrote:
horndog wrote:
percepts wrote:...Infact I tweaked the log message again since I last said. You can now just send it to excel and everything is split into columns nicely for sorting.
That's fantastic! Now if we could only update geoip to include any IP's that show up with out an associated country. Maybe using GeoIP.csv? I manually look up the IP on the Internet and write the country in the log file. It would be nice to only have to do that once!
Another Idea! Is there a way to add a white List file to your script? For that matter an update file to store any updated IP with an added country? It's counter productive to add a whole county to the exception list just for one IP!
Many things are possible but I don't have the time to spend on it right now. You might change the script to make it an exclusion rather than an inclusion list as detailed in the instructions. Then just add a check for the IP's you want to allow through and set return value to zero if you find any of them. But you'll need to list all the countries you want to exclude which may or may not be a lot longer list than an inclusion list.

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Using GeoIP to block or allow country connections

Post by percepts » 2009-12-30 08:34

horndog wrote:
...I don't have the time to spend on it right now...
I really appreciate the work you have done with your script and the extras that I asked for! I didn't mean to infer that this or any other idea must be handled now or any time for that mater. I'm just "brain storming" with the group. There is always a way to improve something. The proof of that is your added log features. Thanks again for your great script!
do this :

Code: Select all


Dim geoip
Result.Value = 0
set geoip = CreateObject("GeoIPCOMEx.GeoIPEx")
geoip.set_db_path("c:\Program files\hmailserver\geoip\")
geoip.find_by_addr(oClient.IPAddress)
country = geoip.country_code

If (country = "CN" ) Then  ' Reject this country
  Result.Value = 1
End if
If (country = "KR" ) Then  ' Reject this country
  Result.Value = 1
End if
If (country = "MX" ) Then  ' Reject this country
  Result.Value = 1
End if

If (oClient.IPAddress = "123.123.123.123" ) Then    ' Allow this IP through reagardless of country
  Result.Value = 0
End if 
If (oClient.IPAddress = "45.45.45.45" ) Then    ' Allow this IP through regardless of country
  Result.Value = 0
End if 

If (Result.Value = 1 ) Then  ' Rejected
  EventLog.Write("Geo-IP rejected:"+Chr(34)+vbTab+oClient.IPAddress+vbTab+Chr(34)+geoip.country_code+" "+geoip.country_name)
End if
OR

Code: Select all


Dim geoip
Result.Value = 1
set geoip = CreateObject("GeoIPCOMEx.GeoIPEx")
geoip.set_db_path("c:\Program files\hmailserver\geoip\")
geoip.find_by_addr(oClient.IPAddress)
country = geoip.country_code

If (country = "LH" ) Then  'Accepts this country
  Result.Value = 0
End if
If (country = "LN" ) Then  ' Accept this country
  Result.Value = 0
End if
If (country = "US" ) Then  ' Accept this country
  Result.Value = 0
End if

If (oClient.IPAddress = "123.123.123.123" ) Then    ' Allow this IP through reagardless of country
  Result.Value = 0
End if 
If (oClient.IPAddress = "45.45.45.45" ) Then    ' Allow this IP through regardless of country
  Result.Value = 0
End if 

If (Result.Value = 1 ) Then  ' Rejected
  EventLog.Write("Geo-IP rejected:"+Chr(34)+vbTab+oClient.IPAddress+vbTab+Chr(34)+geoip.country_code+" "+geoip.country_name)
End if
Providing the specific checks for specific IP numbers come after the country code checks they will overide the country check result

User avatar
Rainer
Normal user
Normal user
Posts: 166
Joined: 2007-06-21 13:40
Location: Zweibrücken - Germany

Re: Using GeoIP to block or allow country connections

Post by Rainer » 2010-02-05 11:49

Hello, I use this tool since yesterday!

Very great, the most spammer's are blocked and my logfile is now clearly.
Here's my code:

Sub OnClientConnect(oClient)
Dim GeoIP
Dim Country
'
'-> Mit Hilfe der GeoIP-DLL die TLD auslesen!
'
Set GeoIP = CreateObject("GeoIPCOMEx.GeoIPEx")
GeoIP.set_db_path("C:\Programme\hMailServer\GeoIP\")
GeoIP.find_by_addr(oClient.IPAddress)
'
'-> Land bestimmen!
'
Country = GeoIP.country_code
'
Select Case Country
Case "AO","AZ","BD","BR","BY","CN","CO","CZ","GE","ID","IN","IR","JM","KG","KH","KP","KR","KW","KZ","LA","LB","MD","MM","PR","RO","RU","TH","TJ","TM","TW","UA","UZ","VN","ZA"
'
'-> Unerwünschtes Land!
'
EventLog.Write("Geo-IP rejected:" + Chr(34) + vbTab+oClient.IPAddress + vbTab+Chr(34) + GeoIP.country_code + " " + GeoIP.country_name)
Result.Value = 1
Case Else
'
'-> Land ist OK!
'
'EventLog.Write("Geo-IP accepted:" + Chr(34) + vbTab+oClient.IPAddress + vbTab+Chr(34) + GeoIP.country_code + " " + GeoIP.country_name)
Result.Value = 0
End Select
'
Set GeoIP = Nothing
End Sub





Kind regards :)
Rainer Noa

joeuser1023
New user
New user
Posts: 3
Joined: 2010-06-22 03:29

Re: Using GeoIP to block or allow country connections

Post by joeuser1023 » 2010-06-22 05:30

Hello,

This looks like it would be a great resource to block spam. I installed it based on the instructions provided in your post but I'm getting the following error. The only thing different was I removed the (.gz) off the end of the database I downloaded.

"ERROR" 440 "2010-06-21 18:08:07.303" "Script Error: Source: (null) - Error: 80010105 - Description: (null) - Line: 6 Column: 6 - Code: (null)"

Do you know what could be causing this error? Any help would be greatly appreciated.

Thank You,
Joe

joeuser1023
New user
New user
Posts: 3
Joined: 2010-06-22 03:29

Re: Using GeoIP to block or allow country connections

Post by joeuser1023 » 2010-06-22 06:26

Hello,

Just wanted to update my post based on trying several changes to see if I can get it to work. I decided to use another script mentioned in this post and it does not give me the error.

Dim geoip
Result.Value = 0
set geoip = CreateObject("GeoIPCOMEx.GeoIPEx")
geoip.set_db_path("c:\Program files\hmailserver\geoip\")
geoip.find_by_addr(oClient.IPAddress)
country = geoip.country_code

If (country = "CN" ) Then ' Reject this country
Result.Value = 1
End if
If (country = "KR" ) Then ' Reject this country
Result.Value = 1
End if
If (country = "MX" ) Then ' Reject this country
Result.Value = 1
End if

If (oClient.IPAddress = "123.123.123.123" ) Then ' Allow this IP through reagardless of country
Result.Value = 0
End if
If (oClient.IPAddress = "45.45.45.45" ) Then ' Allow this IP through regardless of country
Result.Value = 0
End if

If (Result.Value = 1 ) Then ' Rejected
EventLog.Write("Geo-IP rejected:"+Chr(34)+vbTab+oClient.IPAddress+vbTab+Chr(34)+geoip.country_code+" "+geoip.country_name)
End if


When I try another script mentioned in this post (which I like this script for me) it blocks US IP addresses. Can someone see why it does this?

Dim geoip
Result.Value = 1
set geoip = CreateObject("GeoIPCOMEx.GeoIPEx")
geoip.set_db_path("c:\Program files\hmailserver\geoip\")
geoip.find_by_addr(oClient.IPAddress)
country = geoip.country_code

If (country = "LH" ) Then 'Accepts this country
Result.Value = 0
End if
If (country = "LN" ) Then ' Accept this country
Result.Value = 0
End if
If (country = "US" ) Then ' Accept this country
Result.Value = 0
End if

If (oClient.IPAddress = "123.123.123.123" ) Then ' Allow this IP through reagardless of country
Result.Value = 0
End if
If (oClient.IPAddress = "45.45.45.45" ) Then ' Allow this IP through regardless of country
Result.Value = 0
End if

If (Result.Value = 1 ) Then ' Rejected
EventLog.Write("Geo-IP rejected:"+Chr(34)+vbTab+oClient.IPAddress+vbTab+Chr(34)+geoip.country_code+" "+geoip.country_name)
End if


I'm not sure why the first script does not work. Just wanted to let you know. Can someone tell me why the above script blocks US IPs. Do I need to include another country?

thank you,
Joe

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Using GeoIP to block or allow country connections

Post by percepts » 2010-06-22 11:31

the file you download from maxmind is a gzip file. You must unzip it. Winzip or 7zip will unzip it. The extracted file is called GeoIP.dat and that is the database file that you should be using.

User avatar
Caspar
Senior user
Senior user
Posts: 378
Joined: 2008-09-08 11:47
Contact:

Re: Using GeoIP to block or allow country connections

Post by Caspar » 2010-06-22 11:36

I just tried this one out with IP addresses that we as an ISP use, and it gives the wrong locations. One it tells its in "Rotterdam" while it is in "Amsterdam" and one it tells its in "nieuwekerk" while its in " Zoetermeer". if you will look at the map of the netherlands, you will notice that all of the places are fairly far away (in dutch standards). so I wouldn't fully accept the results of it.
If you have strange problems or errors use the log analyzer! http://log.damnation.org.uk
Join us on IRC! http://hmailserver.com/irc_fullscreen.php

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Using GeoIP to block or allow country connections

Post by percepts » 2010-06-22 11:44

You are trying to use city lookup. It has already been pointed out in the above thread that city lookup doesn't work the way people assume it will.
City lookup is based on IP and IPs are mostly allocated to the ISPs who buy them. That means all the IPs bought by one ISP will be allocated the city which is the registered address of the ISP. The ISPs allocate IPs to their clients but the city remains the one allocated to the ISP. So city lookup is useless unless yuo want to know the registered cities of ISPs.
I don't know of any way to collect city information for end users that works.

The country code lookup works fine.

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Using GeoIP to block or allow country connections

Post by percepts » 2010-06-22 11:54

Caspar wrote:I just tried this one out with IP addresses that we as an ISP use, and it gives the wrong locations. One it tells its in "Rotterdam" while it is in "Amsterdam" and one it tells its in "nieuwekerk" while its in " Zoetermeer". if you will look at the map of the netherlands, you will notice that all of the places are fairly far away (in dutch standards). so I wouldn't fully accept the results of it.
I would add that if you have purchased a block of IPs from your issuing authority then it is upto you to make sure they have allocated them to the city you are registered in.

joeuser1023
New user
New user
Posts: 3
Joined: 2010-06-22 03:29

Re: Using GeoIP to block or allow country connections

Post by joeuser1023 » 2010-06-22 13:11

Thank You very much! When I first looked at the .gz file I tried to unzip it but couldn't. I had to just look at it wrong (late night working). My apology and many thanks again!

Joe

User avatar
mattg
Moderator
Moderator
Posts: 19257
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: Using GeoIP to block or allow country connections

Post by mattg » 2010-06-22 15:18

Caspar wrote:I just tried this one out with IP addresses that we as an ISP use, and it gives the wrong locations. One it tells its in "Rotterdam" while it is in "Amsterdam" and one it tells its in "nieuwekerk" while its in " Zoetermeer". if you will look at the map of the netherlands, you will notice that all of the places are fairly far away (in dutch standards).
Mate, we have single farms (we call them 'Properties' or 'Stations') bigger than half of the Netherlands - http://en.wikipedia.org/wiki/Anna_Creek_station
:wink:
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

bescher
Normal user
Normal user
Posts: 123
Joined: 2008-05-26 01:56
Location: Milwaukee Wi
Contact:

Re: Using GeoIP to block or allow country connections

Post by bescher » 2012-04-19 18:04

I am trying to use the GEO script but get the following errors

"ERROR" 2844 "2012-04-19 10:56:43.558" "Script Error: Source: Microsoft VBScript runtime error - Error: 800A01AD - Description: ActiveX component can't create object: 'GeoIPCOMEx.GeoIPEx' - Line: 4 Column: 1 - Code: (null)"

Below is my script

' Sub OnClientConnect(oClient)
Dim geoip
Result.Value = 1
set geoip = CreateObject("GeoIPCOMEx.GeoIPEx")
geoip.set_db_path("c:\Program files\hmailserver\geoip\")
geoip.find_by_addr(oClient.IPAddress)
country = geoip.country_code

If (country = "LH" ) Then
Result.Value = 0
End if
If (country = "LN" ) Then
Result.Value = 0
End if
If (country = "GB" ) Then
Result.Value = 0
End if
If (country = "US" ) Then
Result.Value = 0
End if
If (country = "CA" ) Then
Result.Value = 0
End if


If (Result.Value = 1 ) Then ' Rejected
EventLog.Write("Geo-IP rejected:"+Chr(34)+vbTab+oClient.IPAddress+vbTab+Chr(34)+geoip.country_code+" "+geoip.country_name)
End if

' End Sub

' Sub OnAcceptMessage(oClient, oMessage)
' End Sub

' Sub OnDeliverMessage(oMessage)
' End Sub

' Sub OnBackupFailed(sReason)
' End Sub

' Sub OnBackupCompleted()
' End Sub

Sub OnAcceptMessage(oClient, oMessage)
If oClient.Username <> "" Then
If LCase(oClient.Username) <> LCase(oMessage.FromAddress) Then
Result.Value = 2
Result.Message = "You are only allowed to send from your own account"
End If
End If
End Sub

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Using GeoIP to block or allow country connections

Post by percepts » 2012-04-19 18:28

have you installed and "registered" the com api into a directory in your system path? The download is a zip file and contains a txt file with instructions on registering at end of file.

download the MS COM API from http://www.maxmind.com/app/com

note: I am now running this on 64bit windows 7 machine and its working for me. I installed it in c:\windows\syswow64 but if you are on 32 bit windows then you should install it in c:\windows\ system32 or your system folder.

If you are on 64bit windows then you need to follow the 64bit guide at the above link for registering the com api. I seem to remember I found this a bit tricksy but I got there eventually.

bescher
Normal user
Normal user
Posts: 123
Joined: 2008-05-26 01:56
Location: Milwaukee Wi
Contact:

Re: Using GeoIP to block or allow country connections

Post by bescher » 2012-04-19 18:46

I am running it on a windows 2003 server and registered it using
REGSVR32
I will reread the instructions

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Using GeoIP to block or allow country connections

Post by percepts » 2012-04-19 19:07

I don't know windows 2003 server. A reboot may make the com api available after registering but I'm clutching at straws with this suggestion.

bescher
Normal user
Normal user
Posts: 123
Joined: 2008-05-26 01:56
Location: Milwaukee Wi
Contact:

Re: Using GeoIP to block or allow country connections

Post by bescher » 2012-04-19 19:33

I did register the DLL per instructions
but now I am getting the below error message

"ERROR" 2844 "2012-04-19 12:33:01.080" "Script Error: Source: Microsoft VBScript runtime error - Error: 800A01A8 - Description: Object required: 'oClient' - Line: 6 Column: 1 - Code: (null)"



Will reboot

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Using GeoIP to block or allow country connections

Post by percepts » 2012-04-19 19:45

is your version of windows 2003 32bit or 64bit? If its the latter then the registering procedure is different.

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Using GeoIP to block or allow country connections

Post by percepts » 2012-04-20 19:25

p.s.

I wouldn't block country code DE which is Germany cos if you do you won't get any mails from HMailServer HQ and this forum. :mrgreen:

bescher
Normal user
Normal user
Posts: 123
Joined: 2008-05-26 01:56
Location: Milwaukee Wi
Contact:

Re: Using GeoIP to block or allow country connections

Post by bescher » 2012-04-21 11:27

32 bit and yes I guess I will leave DE in

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Using GeoIP to block or allow country connections

Post by percepts » 2012-04-21 19:04

And I think you need to remove the quote marks before "Sub OnClientConnect(oClient)" and before the "End Sub" for it

bescher
Normal user
Normal user
Posts: 123
Joined: 2008-05-26 01:56
Location: Milwaukee Wi
Contact:

Re: Using GeoIP to block or allow country connections

Post by bescher » 2012-04-22 11:41

Well it looks like it's working
but I am not getting any rejections lines in the event log
below is my code now
and a log snippet

Sub OnClientConnect(oClient)
Dim geoip
Result.Value = 1
set geoip = CreateObject("GeoIPCOMEx.GeoIPEx")
geoip.set_db_path("c:\Program files\hmailserver\geoip\")
geoip.find_by_addr(oClient.IPAddress)
country = geoip.country_code

If (country = "LH" ) Then
Result.Value = 0
End if
If (country = "LN" ) Then
Result.Value = 0
End if
If (country = "GB" ) Then
Result.Value = 0
End if
If (country = "US" ) Then
Result.Value = 0
End if
If (country = "SE" ) Then
Result.Value = 0
End if
If (country = "DE" ) Then
Result.Value = 0
End if
If (country = "CA" ) Then
Result.Value = 0
End if

If (Result.Value = 1 ) Then ' Rejected
EventLog.Write("Geo-IP rejected:"+Chr(34)+vbTab+oClient.IPAddress+vbTab+Chr(34)+geoip.country_code+" "+geoip.country_name)
End if


' Sub OnAcceptMessage(oClient, oMessage)
' End Sub

' Sub OnDeliveryStart(oMessage)
' End Sub

' Sub OnDeliverMessage(oMessage)
' End Sub

' Sub OnBackupFailed(sReason)
' End Sub

' Sub OnBackupCompleted()
End Sub

' End Sub

' Sub OnAcceptMessage(oClient, oMessage)
' End Sub

' Sub OnDeliverMessage(oMessage)
' End Sub

' Sub OnBackupFailed(sReason)
' End Sub

' Sub OnBackupCompleted()
' End Sub

Sub OnAcceptMessage(oClient, oMessage)
If oClient.Username <> "" Then
If LCase(oClient.Username) <> LCase(oMessage.FromAddress) Then
Result.Value = 2
Result.Message = "You are only allowed to send from your own account"
End If
End If
End Sub



event log snippet


"TCPIP" 2712 "2012-04-22 04:14:43.911" "TCP - 92.47.88.132 connected to 63.131.81.207:25."
"TCPIP" 2712 "2012-04-22 04:15:04.583" "TCP - 178.122.159.210 connected to 63.131.81.207:25."
"TCPIP" 2712 "2012-04-22 04:15:05.505" "TCP - 78.38.140.8 connected to 63.131.81.207:25."
"TCPIP" 2712 "2012-04-22 04:15:09.692" "TCP - 121.245.61.199 connected to 63.131.81.207:25."
"TCPIP" 2712 "2012-04-22 04:15:20.864" "TCP - 93.34.166.99 connected to 63.131.81.207:25."
"TCPIP" 2712 "2012-04-22 04:15:28.661" "TCP - 182.156.122.217 connected to 63.131.81.207:25."
"TCPIP" 2712 "2012-04-22 04:15:33.349" "TCP - 111.95.121.211 connected to 63.131.81.207:25."
"TCPIP" 2712 "2012-04-22 04:16:37.647" "TCP - 202.8.243.76 connected to 63.131.81.207:25."
"TCPIP" 2712 "2012-04-22 04:16:55.413" "TCP - 217.16.89.63 connected to 63.131.81.207:25."
"TCPIP" 2712 "2012-04-22 04:16:58.210" "TCP - 37.17.150.89 connected to 63.131.81.207:25."
"TCPIP" 2712 "2012-04-22 04:17:02.929" "TCP - 59.126.124.224 connected to 63.131.81.207:25."
"TCPIP" 1352 "2012-04-22 04:17:18.335" "TCP - 67.53.247.202 connected to 63.131.81.207:110."
"POP3D" 1352 121 "2012-04-22 04:17:18.335" "67.53.247.202" "SENT: +OK Welcome to the RSegroup Mail Services"

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Using GeoIP to block or allow country connections

Post by percepts » 2012-04-22 15:20

you have a missing End Sub so after the if which writes the event log you should add End Sub like below

If (Result.Value = 1 ) Then ' Rejected
EventLog.Write("Geo-IP rejected:"+Chr(34)+vbTab+oClient.IPAddress+vbTab+Chr(34) +geoip.country_code+" "+geoip.country_name)
End if

End Sub

also note that the Event log this writes to is a file called

hmailserver_events.log

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Using GeoIP to block or allow country connections

Post by percepts » 2012-04-22 15:35

you have also put an End Sub where it shouldn't be


' Sub OnBackupCompleted()
End Sub

' End Sub


Note that those quote marks turn the line into a comment which is fine when you don't need that section to run but the end Sub without the quote should not be in the OnBackupCompleted section.

bescher
Normal user
Normal user
Posts: 123
Joined: 2008-05-26 01:56
Location: Milwaukee Wi
Contact:

Re: Using GeoIP to block or allow country connections

Post by bescher » 2012-04-23 16:22

Thanks Percept

Here is my script and now I am getting this error
"ERROR" 7876 "2012-04-23 09:21:38.020" "Script Error: Source: Microsoft VBScript runtime error - Error: 800A01A8 - Description: Object required: 'Result' - Line: 3 Column: 0 - Code: (null)"

' Sub OnClientConnect(oClient)
Dim geoip
Result.Value =1
set geoip = CreateObject("GeoIPCOMEx.GeoIPEx")
geoip.set_db_path("c:\Program files\hmailserver\geoip\")
geoip.find_by_addr(oClient.IPAddress)
country = geoip.country_code

If (country = "LH" ) Then
Result.Value = 0
End if
If (country = "LN" ) Then
Result.Value = 0
End if
If (country = "GB" ) Then
Result.Value = 0
End if
If (country = "US" ) Then
Result.Value = 0
End if
If (country = "SE" ) Then
Result.Value = 0
End if
If (country = "DE" ) Then
Result.Value = 0
End if
If (country = "CA" ) Then
Result.Value = 0
End if
If (Result.Value = 1 ) Then ' Rejected
EventLog.Write("Geo-IP rejected:"+Chr(34)+vbTab+oClient.IPAddress+vbTab+Chr(34) +geoip.country_code+" "+geoip.country_name)
End if

'End Sub


' Sub OnAcceptMessage(oClient, oMessage)
' End Sub

' Sub OnDeliveryStart(oMessage)
' End Sub

' Sub OnDeliverMessage(oMessage)
' End Sub

' Sub OnBackupFailed(sReason)
' End Sub

' Sub OnBackupCompleted()

' End Sub

' Sub OnAcceptMessage(oClient, oMessage)
' End Sub

' Sub OnDeliverMessage(oMessage)
' End Sub

' Sub OnBackupFailed(sReason)
' End Sub

' Sub OnBackupCompleted()
' End Sub

Sub OnAcceptMessage(oClient, oMessage)
If oClient.Username <> "" Then
If LCase(oClient.Username) <> LCase(oMessage.FromAddress) Then
Result.Value = 2
Result.Message = "You are only allowed to send from your own account"
End If
End If
End Sub

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Using GeoIP to block or allow country connections

Post by percepts » 2012-04-23 16:29

copy and replace what you have with the below.


Sub OnClientConnect(oClient)
Dim geoip
Result.Value =1
set geoip = CreateObject("GeoIPCOMEx.GeoIPEx")
geoip.set_db_path("c:\Program files\hmailserver\geoip\")
geoip.find_by_addr(oClient.IPAddress)
country = geoip.country_code

If (country = "LH" ) Then
Result.Value = 0
End if
If (country = "LN" ) Then
Result.Value = 0
End if
If (country = "GB" ) Then
Result.Value = 0
End if
If (country = "US" ) Then
Result.Value = 0
End if
If (country = "SE" ) Then
Result.Value = 0
End if
If (country = "DE" ) Then
Result.Value = 0
End if
If (country = "CA" ) Then
Result.Value = 0
End if
If (Result.Value = 1 ) Then ' Rejected
EventLog.Write("Geo-IP rejected:"+Chr(34)+vbTab+oClient.IPAddress+vbTab+Chr(34) +geoip.country_code+" "+geoip.country_name)
End if
End Sub


' Sub OnAcceptMessage(oClient, oMessage)
' End Sub

' Sub OnDeliveryStart(oMessage)
' End Sub

' Sub OnDeliverMessage(oMessage)
' End Sub

' Sub OnBackupFailed(sReason)
' End Sub

' Sub OnBackupCompleted()
' End Sub

' Sub OnAcceptMessage(oClient, oMessage)
' End Sub

' Sub OnDeliverMessage(oMessage)
' End Sub

' Sub OnBackupFailed(sReason)
' End Sub

' Sub OnBackupCompleted()
' End Sub

Sub OnAcceptMessage(oClient, oMessage)
If oClient.Username <> "" Then
If LCase(oClient.Username) <> LCase(oMessage.FromAddress) Then
Result.Value = 2
Result.Message = "You are only allowed to send from your own account"
End If
End If
End Sub[/quote]

bescher
Normal user
Normal user
Posts: 123
Joined: 2008-05-26 01:56
Location: Milwaukee Wi
Contact:

Re: Using GeoIP to block or allow country connections

Post by bescher » 2012-04-23 17:04

That worked
Thanks so much

Bob E

bescher
Normal user
Normal user
Posts: 123
Joined: 2008-05-26 01:56
Location: Milwaukee Wi
Contact:

Re: Using GeoIP to block or allow country connections

Post by bescher » 2012-04-28 10:52

Everything is working good except in the event log it doesn't show country

The strange thing is on my Windows server 2003 32 bit it works fine but on the windows server 2008 64 bit
I get the below (and yes I registered the dll properly
Ideas?
Thanks


"TCPIP" 3004 "2012-04-28 03:11:37.927" "TCP - 175.110.151.38 connected to 98.103.208.195:25."
"TCPIP" 3004 "2012-04-28 03:12:14.369" "TCP - 120.61.179.45 connected to 98.103.208.195:25."
"TCPIP" 3004 "2012-04-28 03:12:55.350" "TCP - 31.29.12.153 connected to 98.103.208.195:25."
"TCPIP" 3004 "2012-04-28 03:13:19.998" "TCP - 37.98.1.74 connected to 98.103.208.195:25."
"TCPIP" 3004 "2012-04-28 03:14:19.864" "TCP - 206.72.127.24 connected to 98.103.208.195:25."
"TCPIP" 3004 "2012-04-28 03:14:24.652" "TCP - 200.152.56.131 connected to 98.103.208.195:25."
"TCPIP" 3004 "2012-04-28 03:14:25.884" "TCP - 201.240.216.110 connected to 98.103.208.195:25."
"TCPIP" 3004 "2012-04-28 03:15:15.523" "TCP - 197.200.74.112 connected to 98.103.208.195:25."
"TCPIP" 3004 "2012-04-28 03:15:18.362" "TCP - 202.70.120.95 connected to 98.103.208.195:25."
"TCPIP" 3004 "2012-04-28 03:15:55.662" "TCP - 182.185.233.92 connected to 98.103.208.195:25."
"TCPIP" 3004 "2012-04-28 03:16:09.811" "TCP - 37.63.157.246 connected to 98.103.208.195:25."
"TCPIP" 3004 "2012-04-28 03:16:10.809" "TCP - 2.185.241.91 connected to 98.103.208.195:25."
"TCPIP" 3004 "2012-04-28 03:16:40.418" "TCP - 95.56.74.135 connected to 98.103.208.195:25."
"TCPIP" 3004 "2012-04-28 03:17:45.860" "TCP - 1.55.107.116 connected to 98.103.208.195:25."
"TCPIP" 3004 "2012-04-28 03:18:15.173" "TCP - 212.217.28.212 connected to 98.103.208.195:25."
"TCPIP" 3004 "2012-04-28 03:18:25.047" "TCP - 88.209.85.218 connected to 98.103.208.195:25."

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Using GeoIP to block or allow country connections

Post by percepts » 2012-04-29 05:16

you are looking at the wrong log file. The one you need to look at is called

hmailserver_events.log

and the messages left in there look like:

2968 "2012-04-23 06:38:20.605" "Geo-IP rejected:" 123.123.123.123 "CO Colombia"

bescher
Normal user
Normal user
Posts: 123
Joined: 2008-05-26 01:56
Location: Milwaukee Wi
Contact:

Re: Using GeoIP to block or allow country connections

Post by bescher » 2012-04-29 14:22

It is the file I am looking at
below is a snippet of the event file (It won't let me send the complete file

3004 "2012-04-28 02:24:44.670" "Geo-IP rejected:" 109.197.112.26 " "
3004 "2012-04-28 02:26:26.757" "Geo-IP rejected:" 211.199.64.55 " "
3004 "2012-04-28 02:26:45.305" "Geo-IP rejected:" 188.245.143.192 " "
3004 "2012-04-28 02:27:02.059" "Geo-IP rejected:" 39.52.88.72 " "
3004 "2012-04-28 02:27:32.199" "Geo-IP rejected:" 211.199.64.55 " "
3004 "2012-04-28 02:28:01.573" "Geo-IP rejected:" 195.70.56.238 " "
3004 "2012-04-28 02:28:31.494" "Geo-IP rejected:" 190.20.59.125 " "
3004 "2012-04-28 02:28:57.874" "Geo-IP rejected:" 95.57.162.50 " "
3004 "2012-04-28 02:29:14.925" "Geo-IP rejected:" 213.55.104.238 " "
3004 "2012-04-28 02:29:23.879" "Geo-IP rejected:" 206.72.127.134 " "
3004 "2012-04-28 02:29:28.434" "Geo-IP rejected:" 120.61.166.248 " "
3004 "2012-04-28 02:29:45.984" "Geo-IP rejected:" 91.205.234.184 " "
3004 "2012-04-28 02:30:54.562" "Geo-IP rejected:" 206.72.127.12 " "
3004 "2012-04-28 02:31:02.674" "Geo-IP rejected:" 210.150.125.95 " "
3004 "2012-04-28 02:31:05.685" "Geo-IP rejected:" 85.72.107.7 " "
3004 "2012-04-28 02:31:06.605" "Geo-IP rejected:" 190.44.1.46 " "
3004 "2012-04-28 02:31:56.322" "Geo-IP rejected:" 103.22.161.204 " "
3004 "2012-04-28 02:32:05.760" "Geo-IP rejected:" 190.20.59.125 " "
3004 "2012-04-28 02:32:38.146" "Geo-IP rejected:" 178.33.137.220 " "
3004 "2012-04-28 02:32:41.734" "Geo-IP rejected:" 58.210.59.52 " "
3004 "2012-04-28 02:32:56.211" "Geo-IP rejected:" 91.99.227.17 " "
3004 "2012-04-28 02:33:12.045" "Geo-IP rejected:" 212.217.28.212 " "
3004 "2012-04-28 02:33:24.291" "Geo-IP rejected:" 41.72.127.208 " "
3004 "2012-04-28 02:34:15.381" "Geo-IP rejected:" 206.72.127.24 " "
3004 "2012-04-28 02:34:44.381" "Geo-IP rejected:" 46.214.196.12 " "
3004 "2012-04-28 02:34:46.409" "Geo-IP rejected:" 201.165.136.109 " "
3004 "2012-04-28 02:35:21.337" "Geo-IP rejected:" 122.165.255.254 " "
3004 "2012-04-28 02:35:29.403" "Geo-IP rejected:" 58.210.59.52 " "
3004 "2012-04-28 02:36:13.379" "Geo-IP rejected:" 121.151.21.146 " "
3004 "2012-04-28 02:36:14.237" "Geo-IP rejected:" 121.151.21.146 " "
3004 "2012-04-28 02:36:15.079" "Geo-IP rejected:" 121.151.21.146 " "
3004 "2012-04-28 02:36:27.107" "Geo-IP rejected:" 196.12.12.90 " "
3004 "2012-04-28 02:37:27.775" "Geo-IP rejected:" 14.99.162.36 " "
3004 "2012-04-28 02:37:40.224" "Geo-IP rejected:" 41.82.165.147 " "
3004 "2012-04-28 02:38:05.278" "Geo-IP rejected:" 58.210.59.52 " "
3004 "2012-04-28 02:38:16.713" "Geo-IP rejected:" 41.220.30.100 " "
3004 "2012-04-28 02:38:29.068" "Geo-IP rejected:" 121.96.200.245 " "
3004 "2012-04-28 02:38:47.601" "Geo-IP rejected:" 89.31.72.221 " "
3004 "2012-04-28 02:39:25.399" "Geo-IP rejected:" 206.72.127.134 " "
3004 "2012-04-28 02:39:40.859" "Geo-IP rejected:" 182.186.213.148 " "
3004 "2012-04-28 02:40:34.929" "Geo-IP rejected:" 92.47.89.86 " "
3004 "2012-04-28 02:40:37.721" "Geo-IP rejected:" 122.169.160.237 " "
3004 "2012-04-28 02:40:49.827" "Geo-IP rejected:" 46.255.233.184 " "
3004 "2012-04-28 02:40:55.021" "Geo-IP rejected:" 206.72.127.12 " "
3004 "2012-04-28 02:41:02.603" "Geo-IP rejected:" 174.34.131.176 " "
3004 "2012-04-28 02:42:08.763" "Geo-IP rejected:" 78.186.179.240 " "
3004 "2012-04-28 02:42:10.822" "Geo-IP rejected:" 103.22.161.204 " "
3004 "2012-04-28 02:43:15.733" "Geo-IP rejected:" 106.10.151.249 " "
3004 "2012-04-28 02:43:39.414" "Geo-IP rejected:" 49.0.139.196 " "
3004 "2012-04-28 02:43:57.666" "Geo-IP rejected:" 66.178.5.26 " "
3004 "2012-04-28 02:44:15.341" "Geo-IP rejected:" 206.72.127.24 " "
3004 "2012-04-28 02:45:29.301" "Geo-IP rejected:" 31.192.250.16 " "
3004 "2012-04-28 02:45:45.946" "Geo-IP rejected:" 41.226.172.130 " "
3004 "2012-04-28 02:46:12.918" "Geo-IP rejected:" 41.231.153.105 " "
3004 "2012-04-28 02:46:55.865" "Geo-IP rejected:" 78.39.239.112 " "
3004 "2012-04-28 02:47:05.272" "Geo-IP rejected:" 95.57.145.30 " "
3004 "2012-04-28 02:47:36.831" "Geo-IP rejected:" 188.159.141.21 " "
3004 "2012-04-28 02:47:36.971" "Geo-IP rejected:" 151.3.106.235 " "
3004 "2012-04-28 02:48:12.851" "Geo-IP rejected:" 212.217.28.212 " "
3004 "2012-04-28 02:48:15.285" "Geo-IP rejected:" 37.143.144.31 " "
3004 "2012-04-28 02:49:01.773" "Geo-IP rejected:" 92.47.231.91 " "
3004 "2012-04-28 02:49:25.375" "Geo-IP rejected:" 206.72.127.134 " "
3004 "2012-04-28 02:49:45.172" "Geo-IP rejected:" 190.233.96.32 " "
3004 "2012-04-28 02:50:14.313" "Geo-IP rejected:" 86.60.27.168 " "
3004 "2012-04-28 02:50:48.586" "Geo-IP rejected:" 200.172.34.62 " "
3004 "2012-04-28 02:50:55.855" "Geo-IP rejected:" 206.72.127.12 " "
3004 "2012-04-28 02:51:08.382" "Geo-IP rejected:" 217.66.212.147 " "
3004 "2012-04-28 02:51:24.871" "Geo-IP rejected:" 91.205.235.17 " "
3004 "2012-04-28 02:51:53.107" "Geo-IP rejected:" 91.205.235.16 " "
3004 "2012-04-28 02:51:53.466" "Geo-IP rejected:" 91.205.235.16 " "
3004 "2012-04-28 02:52:12.093" "Geo-IP rejected:" 103.22.161.204 " "
3004 "2012-04-28 02:52:21.546" "Geo-IP rejected:" 188.40.244.14 " "
3004 "2012-04-28 02:52:25.197" "Geo-IP rejected:" 91.205.235.17 " "
3004 "2012-04-28 02:52:32.357" "Geo-IP rejected:" 39.47.50.87 " "
3004 "2012-04-28 02:54:03.945" "Geo-IP rejected:" 37.63.157.246 " "
3004 "2012-04-28 02:54:16.253" "Geo-IP rejected:" 206.72.127.24 " "
3004 "2012-04-28 02:54:37.485" "Geo-IP rejected:" 37.63.181.37 " "
3004 "2012-04-28 02:55:06.703" "Geo-IP rejected:" 174.34.131.176 " "
3004 "2012-04-28 02:55:44.003" "Geo-IP rejected:" 58.185.7.163 " "
3004 "2012-04-28 02:55:57.637" "Geo-IP rejected:" 41.202.198.217 " "
3004 "2012-04-28 02:56:06.030" "Geo-IP rejected:" 218.145.31.215 " "
3004 "2012-04-28 02:56:20.663" "Geo-IP rejected:" 190.203.247.252 " "
3004 "2012-04-28 02:59:25.851" "Geo-IP rejected:" 206.72.127.134 " "
3004 "2012-04-28 02:59:59.110" "Geo-IP rejected:" 27.251.202.228 " "
3004 "2012-04-28 03:00:56.362" "Geo-IP rejected:" 206.72.127.12 " "
3004 "2012-04-28 03:01:40.479" "Geo-IP rejected:" 115.111.94.222 " "
3004 "2012-04-28 03:02:16.047" "Geo-IP rejected:" 103.22.161.204 " "
3004 "2012-04-28 03:02:39.649" "Geo-IP rejected:" 218.145.31.215 " "
3004 "2012-04-28 03:02:51.786" "Geo-IP rejected:" 148.233.85.170 " "
3004 "2012-04-28 03:03:14.032" "Geo-IP rejected:" 212.217.28.212 " "
3004 "2012-04-28 03:04:18.741" "Geo-IP rejected:" 206.72.127.24 " "
3004 "2012-04-28 03:05:46.147" "Geo-IP rejected:" 95.58.4.173 " "
3004 "2012-04-28 03:05:59.922" "Geo-IP rejected:" 110.137.3.85 " "
3004 "2012-04-28 03:06:23.665" "Geo-IP rejected:" 217.219.91.193 " "
3004 "2012-04-28 03:06:44.351" "Geo-IP rejected:" 188.253.237.80 " "
3004 "2012-04-28 03:07:16.456" "Geo-IP rejected:" 84.240.197.16 " "
3004 "2012-04-28 03:07:30.808" "Geo-IP rejected:" 122.165.255.254 " "
3004 "2012-04-28 03:08:07.811" "Geo-IP rejected:" 188.93.148.122 " "
3004 "2012-04-28 03:08:29.635" "Geo-IP rejected:" 109.236.85.24 " "
3004 "2012-04-28 03:09:08.277" "Geo-IP rejected:" 2.176.194.185 " "
3004 "2012-04-28 03:09:26.903" "Geo-IP rejected:" 206.72.127.134 " "
3004 "2012-04-28 03:09:53.439" "Geo-IP rejected:" 2.134.139.14 " "
3004 "2012-04-28 03:10:54.419" "Geo-IP rejected:" 178.91.204.217 " "
3004 "2012-04-28 03:11:06.930" "Geo-IP rejected:" 206.72.127.12 " "
3004 "2012-04-28 03:11:37.927" "Geo-IP rejected:" 175.110.151.38 " "
3004 "2012-04-28 03:12:14.385" "Geo-IP rejected:" 120.61.179.45 " "
3004 "2012-04-28 03:12:55.350" "Geo-IP rejected:" 31.29.12.153 " "
3004 "2012-04-28 03:13:20.014" "Geo-IP rejected:" 37.98.1.74 " "
3004 "2012-04-28 03:14:19.864" "Geo-IP rejected:" 206.72.127.24 " "
3004 "2012-04-28 03:14:24.668" "Geo-IP rejected:" 200.152.56.131 " "
3004 "2012-04-28 03:14:25.884" "Geo-IP rejected:" 201.240.216.110 " "
3004 "2012-04-28 03:15:15.523" "Geo-IP rejected:" 197.200.74.112 " "
3004 "2012-04-28 03:15:18.362" "Geo-IP rejected:" 202.70.120.95 " "
3004 "2012-04-28 03:15:55.662" "Geo-IP rejected:" 182.185.233.92 " "
3004 "2012-04-28 03:16:09.811" "Geo-IP rejected:" 37.63.157.246 " "
3004 "2012-04-28 03:16:10.809" "Geo-IP rejected:" 2.185.241.91 " "
3004 "2012-04-28 03:16:40.418" "Geo-IP rejected:" 95.56.74.135 " "
3004 "2012-04-28 03:17:45.860" "Geo-IP rejected:" 1.55.107.116 " "
3004 "2012-04-28 03:18:15.173" "Geo-IP rejected:" 212.217.28.212 " "
3004 "2012-04-28 03:18:25.047" "Geo-IP rejected:" 88.209.85.218 " "
3004 "2012-04-28 03:18:41.583" "Geo-IP rejected:" 123.17.187.163 " "
3004 "2012-04-28 03:18:41.864" "Geo-IP rejected:" 46.48.244.170 " "
3004 "2012-04-28 03:19:20.037" "Geo-IP rejected:" 95.82.86.58 " "
3004 "2012-04-28 03:19:46.994" "Geo-IP rejected:" 206.72.127.134 " "
3004 "2012-04-28 03:21:07.191" "Geo-IP rejected:" 206.72.127.12 " "
3004 "2012-04-28 03:21:25.380" "Geo-IP rejected:" 91.205.235.17 " "
3004 "2012-04-28 03:21:48.593" "Geo-IP rejected:" 41.136.227.245 " "
3004 "2012-04-28 03:21:54.396" "Geo-IP rejected:" 91.205.235.16 " "
3004 "2012-04-28 03:21:54.817" "Geo-IP rejected:" 91.205.235.16 " "
3004 "2012-04-28 03:22:15.753" "Geo-IP rejected:" 95.58.45.92 " "
3004 "2012-04-28 03:22:26.173" "Geo-IP rejected:" 91.205.235.17 " "
3004 "2012-04-28 03:22:36.376" "Geo-IP rejected:" 41.182.207.76 " "
3004 "2012-04-28 03:24:08.759" "Geo-IP rejected:" 122.172.186.193 " "
3004 "2012-04-28 03:24:21.099" "Geo-IP rejected:" 206.72.127.24 " "
3004 "2012-04-28 03:24:37.525" "Geo-IP rejected:" 41.202.74.84 " "
3004 "2012-04-28 03:24:45.310" "Geo-IP rejected:" 178.90.44.113 " "
3004 "2012-04-28 03:24:45.715" "Geo-IP rejected:" 109.197.112.26 " "
3004 "2012-04-28 03:25:07.727" "Geo-IP rejected:" 103.22.161.204 " "
3004 "2012-04-28 03:25:32.281" "Geo-IP rejected:" 41.72.23.39 " "
3004 "2012-04-28 03:25:43.607" "Geo-IP rejected:" 121.101.151.211 " "
3004 "2012-04-28 03:26:03.528" "Geo-IP rejected:" 115.238.145.251 " "
3004 "2012-04-28 03:26:28.098" "Geo-IP rejected:" 188.159.36.83 " "
3004 "2012-04-28 03:26:40.672" "Geo-IP rejected:" 174.34.131.176 " "
3004 "2012-04-28 03:26:47.161" "Geo-IP rejected:" 168.167.159.179 " "
3004 "2012-04-28 03:27:26.645" "Geo-IP rejected:" 2.185.251.227 " "
3004 "2012-04-28 03:27:27.893" "Geo-IP rejected:" 92.47.253.135 " "
3004 "2012-04-28 03:30:33.595" "Geo-IP rejected:" 206.72.127.134 " "
3004 "2012-04-28 03:30:35.031" "Geo-IP rejected:" 41.96.98.59 " "
3004 "2012-04-28 03:31:08.883" "Geo-IP rejected:" 206.72.127.12 " "
3004 "2012-04-28 03:31:36.853" "Geo-IP rejected:" 115.118.134.174 " "
3004 "2012-04-28 03:31:57.508" "Geo-IP rejected:" 189.2.204.194 " "
3004 "2012-04-28 03:32:21.906" "Geo-IP rejected:" 92.46.4.212 " "
3004 "2012-04-28 03:32:34.995" "Geo-IP rejected:" 197.200.45.20 " "
3004 "2012-04-28 03:32:46.071" "Geo-IP rejected:" 41.70.152.148 " "
3004 "2012-04-28 03:32:55.727" "Geo-IP rejected:" 46.182.52.197 " "
3004 "2012-04-28 03:33:16.350" "Geo-IP rejected:" 212.217.28.212 " "
3004 "2012-04-28 03:34:21.449" "Geo-IP rejected:" 206.72.127.24 " "
3004 "2012-04-28 03:35:08.686" "Geo-IP rejected:" 103.22.161.204 " "
3004 "2012-04-28 03:35:50.400" "Geo-IP rejected:" 49.0.83.108 " "
3004 "2012-04-28 03:37:52.439" "Geo-IP rejected:" 180.149.243.20 " "
3004 "2012-04-28 03:38:04.997" "Geo-IP rejected:" 41.200.162.216 " "
3004 "2012-04-28 03:38:32.734" "Geo-IP rejected:" 95.23.157.147 " "
3004 "2012-04-28 03:38:47.476" "Geo-IP rejected:" 41.202.192.248 " "
3004 "2012-04-28 03:39:42.497" "Geo-IP rejected:" 85.133.240.193 " "
3004 "2012-04-28 03:40:33.587" "Geo-IP rejected:" 206.72.127.134 " "
3004 "2012-04-28 03:41:04.865" "Geo-IP rejected:" 2.181.108.109 " "
3004 "2012-04-28 03:41:09.763" "Geo-IP rejected:" 206.72.127.12 " "
3004 "2012-04-28 03:41:24.084" "Geo-IP rejected:" 39.47.165.177 " "
3004 "2012-04-28 03:42:38.668" "Geo-IP rejected:" 178.33.137.220 " "
3004 "2012-04-28 03:43:34.875" "Geo-IP rejected:" 218.145.31.215 " "
3004 "2012-04-28 03:43:36.372" "Geo-IP rejected:" 120.28.92.75 " "
3004 "2012-04-28 03:43:48.384" "Geo-IP rejected:" 213.230.107.101 " "
3568 "2012-04-28 03:43:48.400" "Geo-IP rejected:" 106.10.151.249 " "
3568 "2012-04-28 03:44:15.154" "Geo-IP rejected:" 92.46.4.212 " "
3568 "2012-04-28 03:44:18.430" "Geo-IP rejected:" 182.185.161.154 " "
3568 "2012-04-28 03:44:21.831" "Geo-IP rejected:" 206.72.127.24 " "
3568 "2012-04-28 03:44:48.928" "Geo-IP rejected:" 41.211.135.101 " "
3568 "2012-04-28 03:45:09.629" "Geo-IP rejected:" 103.22.161.204 " "

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Using GeoIP to block or allow country connections

Post by percepts » 2012-04-29 16:26

I have no idea why country code is missing from one of your servers implementations of this.

bescher
Normal user
Normal user
Posts: 123
Joined: 2008-05-26 01:56
Location: Milwaukee Wi
Contact:

Re: Using GeoIP to block or allow country connections

Post by bescher » 2012-04-30 11:44

Thanks again for everything Percepts.

Bill48105
Developer
Developer
Posts: 6186
Joined: 2010-04-24 23:16
Location: Michigan, USA

Re: Using GeoIP to block or allow country connections

Post by Bill48105 » 2013-04-17 23:23

I wanted to post an example of how I use GeoIP here that works quite well. I chose not to put real country codes to protect the innocent so obviously change XX to real country codes that apply to your case of who you want to block or allow. Obviously adjust the path &

Code: Select all

   Sub OnClientConnect(oClient)

      Dim geoip
      set geoip = CreateObject("GeoIPCOMEx.GeoIPEx")
      geoip.set_db_path("D:\hMail\GeoIP\")
      geoip.find_by_addr(oClient.IPAddress)
      country = geoip.country_code


      ' Less strict for port 25
      If oClient.Port = 25 Then

         ' Block AUTH'd on port 25 to force users to login on alternate port
         If oClient.Username <> "" Then
            Result.Message = "AUTH FAILED. You must be authenticated to send."
            Result.Value = 2
            EventLog.Write("Geo-IP AUTH attempt rejected:"+Chr(34)+vbTab+oClient.IPAddress+vbTab+Chr(34)+oClient.Username)
            Exit Sub
         End If

         ' Allow all by default
         Result.Value = 0

         ' Block
         If (country = "XX" ) Then
         Result.Value = 1
         End if    


         ' Allow (LH & LN are localhost & local network)
         If (country = "LH" ) Then
           Result.Value = 0
         End if    
         If (country = "LN" ) Then
           Result.Value = 0
         End if
         If (country = "XX" ) Then
           Result.Value = 0
         End if

      ' All other ports
      Else
         ' Block all by default
         Result.Value = 1

         ' Allow (LH & LN are localhost & local network)
         If (country = "LH" ) Then
           Result.Value = 0
         End if    
         If (country = "LN" ) Then
           Result.Value = 0
         End if
         If (country = "XX" ) Then
           Result.Value = 0
         End if

         ' unknown country or error doing lookup?  I've seen it in logs so giving them a pass
         If (country = "" ) Then
           Result.Value = 0
         End if

         ' Bypass for some known sender in blocked country (uncomment & set IP as needed)
         'If (oClient.IPAddress = "x.x.x.x") Then
         '  Result.Value = 0
         'End if

      End If

      If (Result.Value = 1 ) Then  ' Rejected
        EventLog.Write("Geo-IP rejected:"+Chr(34)+vbTab+oClient.IPAddress+vbTab+Chr(34)+geoip.country_code+" "+geoip.country_name+" Port: "+oClient.Port)
      End if

      ' Comment the below lines out to not log allowed. Normally only enable for testing.
      If (Result.Value = 0 ) Then  ' OK
        EventLog.Write("Geo-IP OK:"+Chr(34)+vbTab+oClient.IPAddress+vbTab+Chr(34)+geoip.country_code+" "+geoip.country_name)
      End if

   End Sub

Just copy & paste IF/End If groups then edit to add more countries or IP's to block/bypass.

The idea of the above is that for port 25 (incoming mail) I want to allow most of the world but have option to block certain countries if I so choose. For all other ports I want to block the entire world but only allow countries I have users in who should be trying to login. To enforce this further one could block AUTH'd access on port 25 and make users send on alternate ports. That cuts down risk of dictionary spam attack tremendously. If you you have users who send on port 25 or don't want that feature then comment out the lines in the code.

Btw obviously the code could be cleaned up a bit but I was sticking with the original format to be less confusing & more obvious of the changes.
Bill
hMailServer build LIVE on my servers: 5.4-B2014050402
#hmailserver on FreeNode IRC https://webchat.freenode.net/?channels=#hmailserver
*** ABSENT FROM hMail! Those in IRC know how to find me if urgent. ***

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Using GeoIP to block or allow country connections

Post by percepts » 2013-04-18 14:51

looks like a useful addition bill.

I have moved on from this now and just use my windows firewall. But that is because I really am only interested in receiving email from IPs with country code GB and only a handful of exceptions such as gmail which I have covered in firewall allows. This also blocks all access atempts to my website from outside of UK which is fine by me because it is UK centric. Again certain robots have access to apache so I get indexed in google etc. It is a slight pain to administer this approach though.

However, what I have lost by doing that is seeing the log that above script gives which shows which IPs and Countries were trying to get access to email and were rejected. That allows you to pick any of those blocked IPs and include them in the allowed list within the script which is very handy if, for example, you signed up with some forum in a blocked country and they need to be able to send you email. You can just check log, pick rejected IP and add to allow list and their emails can get through.

both approaches have their pros and cons.

Bill48105
Developer
Developer
Posts: 6186
Joined: 2010-04-24 23:16
Location: Michigan, USA

Re: Using GeoIP to block or allow country connections

Post by Bill48105 » 2013-04-18 17:27

percepts wrote:looks like a useful addition bill.

I have moved on from this now and just use my windows firewall. But that is because I really am only interested in receiving email from IPs with country code GB and only a handful of exceptions such as gmail which I have covered in firewall allows. This also blocks all access atempts to my website from outside of UK which is fine by me because it is UK centric. Again certain robots have access to apache so I get indexed in google etc. It is a slight pain to administer this approach though.

However, what I have lost by doing that is seeing the log that above script gives which shows which IPs and Countries were trying to get access to email and were rejected. That allows you to pick any of those blocked IPs and include them in the allowed list within the script which is very handy if, for example, you signed up with some forum in a blocked country and they need to be able to send you email. You can just check log, pick rejected IP and add to allow list and their emails can get through.

both approaches have their pros and cons.
Yeah I'd add people to firewall who pound you (and do just that). Plan is to update the script so that users traveling can login & their IP get added to bypass because right now I get stuck doing it manually. Luckily it's only a few a year. :D
Bill
hMailServer build LIVE on my servers: 5.4-B2014050402
#hmailserver on FreeNode IRC https://webchat.freenode.net/?channels=#hmailserver
*** ABSENT FROM hMail! Those in IRC know how to find me if urgent. ***

mthurner
Normal user
Normal user
Posts: 42
Joined: 2013-03-06 00:22

Re: Using GeoIP to block or allow country connections

Post by mthurner » 2013-05-20 19:15

Hey sorry for stirring up an old old thread but i wanty to use this script

I installed the .dll per the x64 server and then i, well i followed the directions :-)

when I try to verify i get
Image

Here's the code I'm using (copied from bill's)
' Sub OnClientConnect(oClient)

Dim geoip
set geoip = CreateObject("GeoIPCOMEx.GeoIPEx")
geoip.set_db_path("C:\hMailServer\")
geoip.find_by_addr(oClient.IPAddress)
country = geoip.country_code


' Less strict for port 25
If oClient.Port = 25 Then

' Block AUTH'd on port 25 to force users to login on alternate port
If oClient.Username <> "" Then
Result.Message = "AUTH FAILED. You must be authenticated to send."
Result.Value = 2
EventLog.Write("Geo-IP AUTH attempt rejected:"+Chr(34)+vbTab+oClient.IPAddress+vbTab+Chr(34)+oClient.Username)

End If

' Allow all by default
Result.Value = 0

' Block
If (country = "cn" ) Then
Result.Value = 1
End if


' Allow (LH & LN are localhost & local network)
If (country = "LH" ) Then
Result.Value = 0
End if
If (country = "LN" ) Then
Result.Value = 0
End if
If (country = "US" ) Then
Result.Value = 0
End if
If (country = "GB" ) Then
Result.Value = 0
End if
If (country = "CA" ) Then
Result.Value = 0
End if

' All other ports
Else
' Block all by default
Result.Value = 1

' Allow (LH & LN are localhost & local network)
If (country = "LH" ) Then
Result.Value = 0
End if
If (country = "LN" ) Then
Result.Value = 0
End if
If (country = "US" ) Then
Result.Value = 0
End if
If (country = "GB" ) Then
Result.Value = 0
End if
If (country = "CA" ) Then
Result.Value = 0
End if

' unknown country or error doing lookup? I've seen it in logs so giving them a pass
If (country = "" ) Then
Result.Value = 0
End if

' Bypass for some known sender in blocked country (uncomment & set IP as needed)
'If (oClient.IPAddress = "x.x.x.x") Then
' Result.Value = 0
'End if

End If

If (Result.Value = 1 ) Then ' Rejected
EventLog.Write("Geo-IP rejected:"+Chr(34)+vbTab+oClient.IPAddress+vbTab+Chr(34)+geoip.country_code+" "+geoip.country_name+" Port: "+oClient.Port)
End if

' Comment the below lines out to not log allowed. Normally only enable for testing.
If (Result.Value = 0 ) Then ' OK
EventLog.Write("Geo-IP OK:"+Chr(34)+vbTab+oClient.IPAddress+vbTab+Chr(34)+geoip.country_code+" "+geoip.country_name)
End if



' Sub OnAcceptMessage(oClient, oMessage)
' End Sub

' Sub OnDeliveryStart(oMessage)
' End Sub

' Sub OnDeliverMessage(oMessage)
' End Sub

' Sub OnBackupFailed(sReason)
' End Sub

' Sub OnBackupCompleted()
' End Sub

' Sub OnAcceptMessage(oClient, oMessage)
' End Sub

' Sub OnDeliverMessage(oMessage)
' End Sub

' Sub OnBackupFailed(sReason)
' End Sub

' Sub OnBackupCompleted()
' End Sub

Sub OnAcceptMessage(oClient, oMessage)
If oClient.Username <> "" Then
If LCase(oClient.Username) <> LCase(oMessage.FromAddress) Then
Result.Value = 2
Result.Message = "You are only allowed to send from your own account"
End If
End If
End Sub

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Using GeoIP to block or allow country connections

Post by percepts » 2013-05-20 19:48

Try this

Code: Select all

Sub OnClientConnect(oClient)

 Dim geoip
 set geoip = CreateObject("GeoIPCOMEx.GeoIPEx")
 geoip.set_db_path("C:\hMailServer\")
 geoip.find_by_addr(oClient.IPAddress)
 country = geoip.country_code


 ' Less strict for port 25
 If oClient.Port = 25 Then

 ' Block AUTH'd on port 25 to force users to login on alternate port
 If oClient.Username <> "" Then
 Result.Message = "AUTH FAILED. You must be authenticated to send."
 Result.Value = 2
 EventLog.Write("Geo-IP AUTH attempt rejected:"+Chr(34)+vbTab+oClient.IPAddress+vbTab+Chr(34)+oClient.Username)

 End If

 ' Allow all by default
 Result.Value = 0

 ' Block
 If (country = "cn" ) Then
 Result.Value = 1
 End if 


' Allow (LH & LN are localhost & local network)
 If (country = "LH" ) Then
 Result.Value = 0
 End if 
If (country = "LN" ) Then
 Result.Value = 0
 End if
 If (country = "US" ) Then
 Result.Value = 0
 End if
 If (country = "GB" ) Then
 Result.Value = 0
 End if
 If (country = "CA" ) Then
 Result.Value = 0
 End if

 ' All other ports
 Else
 ' Block all by default
 Result.Value = 1

 ' Allow (LH & LN are localhost & local network)
 If (country = "LH" ) Then
 Result.Value = 0
 End if 
If (country = "LN" ) Then
 Result.Value = 0
 End if
 If (country = "US" ) Then
 Result.Value = 0
 End if
 If (country = "GB" ) Then
 Result.Value = 0
 End if
 If (country = "CA" ) Then
 Result.Value = 0
 End if

 ' unknown country or error doing lookup? I've seen it in logs so giving them a pass
 If (country = "" ) Then
 Result.Value = 0
 End if

 ' Bypass for some known sender in blocked country (uncomment & set IP as needed)
 'If (oClient.IPAddress = "x.x.x.x") Then
 ' Result.Value = 0
 'End if

 End If

 If (Result.Value = 1 ) Then ' Rejected
 EventLog.Write("Geo-IP rejected:"+Chr(34)+vbTab+oClient.IPAddress+vbTab+Chr(34)+geoip.country_code+" "+geoip.country_name+" Port: "+oClient.Port)
 End if

 ' Comment the below lines out to not log allowed. Normally only enable for testing.
 If (Result.Value = 0 ) Then ' OK
 EventLog.Write("Geo-IP OK:"+Chr(34)+vbTab+oClient.IPAddress+vbTab+Chr(34)+geoip.country_code+" "+geoip.country_name)
 End if
End Sub


' Sub OnAcceptMessage(oClient, oMessage)
' End Sub

' Sub OnDeliveryStart(oMessage)
' End Sub

' Sub OnDeliverMessage(oMessage)
' End Sub

' Sub OnBackupFailed(sReason)
' End Sub

' Sub OnBackupCompleted()
' End Sub

' Sub OnAcceptMessage(oClient, oMessage)
' End Sub

' Sub OnDeliverMessage(oMessage)
' End Sub

' Sub OnBackupFailed(sReason)
' End Sub

' Sub OnBackupCompleted()
' End Sub

Sub OnAcceptMessage(oClient, oMessage)
If oClient.Username <> "" Then
If LCase(oClient.Username) <> LCase(oMessage.FromAddress) Then
Result.Value = 2
Result.Message = "You are only allowed to send from your own account"
End If
End If 
End Sub

mthurner
Normal user
Normal user
Posts: 42
Joined: 2013-03-06 00:22

Re: Using GeoIP to block or allow country connections

Post by mthurner » 2013-05-20 20:10

I should of thought of that, Thank You!!
:mrgreen:

Bill48105
Developer
Developer
Posts: 6186
Joined: 2010-04-24 23:16
Location: Michigan, USA

Re: Using GeoIP to block or allow country connections

Post by Bill48105 » 2013-05-21 02:06

mthurner wrote:I should of thought of that, Thank You!!
:mrgreen:
took me a minute to see the problem. how did you end up with ' in front of that sub line? lol
hMailServer build LIVE on my servers: 5.4-B2014050402
#hmailserver on FreeNode IRC https://webchat.freenode.net/?channels=#hmailserver
*** ABSENT FROM hMail! Those in IRC know how to find me if urgent. ***

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Using GeoIP to block or allow country connections

Post by percepts » 2013-05-21 02:10

Bill48105 wrote:
mthurner wrote:I should of thought of that, Thank You!!
:mrgreen:
took me a minute to see the problem. how did you end up with ' in front of that sub line? lol
there was a missing end sub too (somehow).

editing error I think. We've all done it.

whurlston
New user
New user
Posts: 6
Joined: 2012-03-07 07:00

Re: Using GeoIP to block or allow country connections

Post by whurlston » 2013-12-04 07:28

I'm confused by the following portion of Bill's script:

Code: Select all

   Sub OnClientConnect(oClient)

'...

      ' Less strict for port 25
      If oClient.Port = 25 Then

         ' Block AUTH'd on port 25 to force users to login on alternate port
         If oClient.Username <> "" Then
            Result.Message = "AUTH FAILED. You must be authenticated to send."
            Result.Value = 2
            EventLog.Write("Geo-IP AUTH attempt rejected:"+Chr(34)+vbTab+oClient.IPAddress+vbTab+Chr(34)+oClient.Username)
            Exit Sub
         End If

         ' Allow all by default
         Result.Value = 0

'...
Isn't oClient.Username always "" in OnClientConnect() since this is called before any authentication?

percepts
Senior user
Senior user
Posts: 5282
Joined: 2009-10-20 16:33
Location: Sceptred Isle

Re: Using GeoIP to block or allow country connections

Post by percepts » 2013-12-04 08:26

I think you're correct but since it'll always be "" it will never be failed on auth so probably doesn't cause a problem.
I haven't used Bills version so haven't inspected it in detail.

whurlston
New user
New user
Posts: 6
Joined: 2012-03-07 07:00

Re: Using GeoIP to block or allow country connections

Post by whurlston » 2013-12-04 18:04

Thanks. I wanted to make sure I wasn't missing something.

Post Reply