Function to ban IP...

Use this forum if you want to suggest a new feature to hMailServer. Before posting, please search the forum to confirm that it has not already been suggested.
Post Reply

Do you need this feature?

Yes
10
100%
No
0
No votes
 
Total votes: 10

User avatar
Rainer
Normal user
Normal user
Posts: 166
Joined: 2007-06-21 13:40
Location: Zweibrücken - Germany

Function to ban IP...

Post by Rainer » 2009-08-24 12:46

Hello, the function auto-ban IPs is very good.
This works only for login-attempts.
It would be very nice to ban IP's like seen in my current log:

"SMTPD" 2732 46328 "2009-08-24 12:24:31.593" "187.15.134.146" "SENT: 220 Welcome to MilesTec AG"
"SMTPD" 2732 46329 "2009-08-24 12:24:31.656" "187.15.134.146" "SENT: 220 Welcome to MilesTec AG"
"SMTPD" 2732 46328 "2009-08-24 12:24:31.828" "187.15.134.146" "RECEIVED: EHLO 18715134146.user.veloxzone.com.br"
"SMTPD" 2732 46328 "2009-08-24 12:24:31.828" "187.15.134.146" "SENT: 250-mail.milestec.de[nl]250-SIZE[nl]250 AUTH LOGIN"
"SMTPD" 2732 46329 "2009-08-24 12:24:31.921" "187.15.134.146" "RECEIVED: EHLO 18715134146.user.veloxzone.com.br"
"SMTPD" 2732 46329 "2009-08-24 12:24:31.921" "187.15.134.146" "SENT: 250-mail.milestec.de[nl]250-SIZE[nl]250 AUTH LOGIN"
"SMTPD" 2732 46328 "2009-08-24 12:24:32.062" "187.15.134.146" "RECEIVED: MAIL FROM:<fqvfjjgqgbq@brella.org>"
"SMTPD" 2608 46329 "2009-08-24 12:24:32.171" "187.15.134.146" "RECEIVED: MAIL FROM:<ipcdvykqdo@easymelany.com>"
"SMTPD" 2608 46329 "2009-08-24 12:24:32.312" "187.15.134.146" "SENT: 550 The host name specified in HELO does not match IP address."
"SMTPD" 2732 46328 "2009-08-24 12:24:32.312" "187.15.134.146" "SENT: 550 The host name specified in HELO does not match IP address."
"SMTPD" 2732 46330 "2009-08-24 12:24:33.578" "187.15.134.146" "SENT: 220 Welcome to MilesTec AG"
"SMTPD" 2732 46330 "2009-08-24 12:24:33.812" "187.15.134.146" "RECEIVED: EHLO 18715134146.user.veloxzone.com.br"
"SMTPD" 2732 46330 "2009-08-24 12:24:33.812" "187.15.134.146" "SENT: 250-mail.milestec.de[nl]250-SIZE[nl]250 AUTH LOGIN"
"SMTPD" 2732 46330 "2009-08-24 12:24:34.046" "187.15.134.146" "RECEIVED: MAIL FROM:<gwatldkkpfso@sankyofs.co.jp>"
"SMTPD" 2732 46330 "2009-08-24 12:24:34.046" "187.15.134.146" "SENT: 550 The host name specified in HELO does not match IP address."
"SMTPD" 2732 46331 "2009-08-24 12:24:35.124" "187.15.134.146" "SENT: 220 Welcome to MilesTec AG"
"SMTPD" 2732 46331 "2009-08-24 12:24:35.359" "187.15.134.146" "RECEIVED: EHLO 18715134146.user.veloxzone.com.br"
"SMTPD" 2732 46331 "2009-08-24 12:24:35.359" "187.15.134.146" "SENT: 250-mail.milestec.de[nl]250-SIZE[nl]250 AUTH LOGIN"
"SMTPD" 2732 46332 "2009-08-24 12:24:35.390" "187.15.134.146" "SENT: 220 Welcome to MilesTec AG"
"SMTPD" 2732 46331 "2009-08-24 12:24:35.578" "187.15.134.146" "RECEIVED: MAIL FROM:<ivgeaa@proximo.org>"
"SMTPD" 2732 46331 "2009-08-24 12:24:35.578" "187.15.134.146" "SENT: 550 The host name specified in HELO does not match IP address."
"SMTPD" 2732 46332 "2009-08-24 12:24:35.609" "187.15.134.146" "RECEIVED: EHLO 18715134146.user.veloxzone.com.br"
"SMTPD" 2732 46332 "2009-08-24 12:24:35.609" "187.15.134.146" "SENT: 250-mail.milestec.de[nl]250-SIZE[nl]250 AUTH LOGIN"
"SMTPD" 2732 46332 "2009-08-24 12:24:35.828" "187.15.134.146" "RECEIVED: MAIL FROM:<skhxw@lomas.ab.ca>"
"SMTPD" 2732 46332 "2009-08-24 12:24:35.828" "187.15.134.146" "SENT: 550 The host name specified in HELO does not match IP address."
"SMTPD" 2732 46333 "2009-08-24 12:24:36.953" "187.15.134.146" "SENT: 220 Welcome to MilesTec AG"
"SMTPD" 2544 46333 "2009-08-24 12:24:37.171" "187.15.134.146" "RECEIVED: EHLO 18715134146.user.veloxzone.com.br"
"SMTPD" 2544 46333 "2009-08-24 12:24:37.171" "187.15.134.146" "SENT: 250-mail.milestec.de[nl]250-SIZE[nl]250 AUTH LOGIN"
"SMTPD" 2544 46333 "2009-08-24 12:24:37.406" "187.15.134.146" "RECEIVED: MAIL FROM:<jdjtmlpro@foxtons.com>"
"SMTPD" 2544 46333 "2009-08-24 12:24:37.406" "187.15.134.146" "SENT: 550 The host name specified in HELO does not match IP address."
"SMTPD" 2732 46334 "2009-08-24 12:24:38.781" "187.15.134.146" "SENT: 220 Welcome to MilesTec AG"
"SMTPD" 2732 46334 "2009-08-24 12:24:38.999" "187.15.134.146" "RECEIVED: EHLO 18715134146.user.veloxzone.com.br"
"SMTPD" 2732 46334 "2009-08-24 12:24:38.999" "187.15.134.146" "SENT: 250-mail.milestec.de[nl]250-SIZE[nl]250 AUTH LOGIN"
"SMTPD" 2732 46334 "2009-08-24 12:24:39.234" "187.15.134.146" "RECEIVED: MAIL FROM:<ebxphaetqm@photokissa.com>"
"SMTPD" 2732 46334 "2009-08-24 12:24:39.234" "187.15.134.146" "SENT: 550 The host name specified in HELO does not match IP address."
"SMTPD" 2732 46335 "2009-08-24 12:24:40.343" "187.15.134.146" "SENT: 220 Welcome to MilesTec AG"
"SMTPD" 2732 46335 "2009-08-24 12:24:40.578" "187.15.134.146" "RECEIVED: EHLO 18715134146.user.veloxzone.com.br"
"SMTPD" 2732 46335 "2009-08-24 12:24:40.578" "187.15.134.146" "SENT: 250-mail.milestec.de[nl]250-SIZE[nl]250 AUTH LOGIN"
"SMTPD" 2732 46335 "2009-08-24 12:24:40.796" "187.15.134.146" "RECEIVED: MAIL FROM:<fneiauwtf@gardiner-roberts.com>"
"SMTPD" 2732 46335 "2009-08-24 12:24:40.796" "187.15.134.146" "SENT: 550 The host name specified in HELO does not match IP address."
"SMTPD" 2732 46336 "2009-08-24 12:24:40.874" "187.15.134.146" "SENT: 220 Welcome to MilesTec AG"
"SMTPD" 2732 46336 "2009-08-24 12:24:41.093" "187.15.134.146" "RECEIVED: EHLO 18715134146.user.veloxzone.com.br"
"SMTPD" 2732 46336 "2009-08-24 12:24:41.093" "187.15.134.146" "SENT: 250-mail.milestec.de[nl]250-SIZE[nl]250 AUTH LOGIN"
"SMTPD" 2732 46337 "2009-08-24 12:24:41.171" "187.15.134.146" "SENT: 220 Welcome to MilesTec AG"
"SMTPD" 2732 46336 "2009-08-24 12:24:41.328" "187.15.134.146" "RECEIVED: MAIL FROM:<kyjrj@whiteridge.fsnet.co.uk>"
"SMTPD" 2732 46336 "2009-08-24 12:24:41.328" "187.15.134.146" "SENT: 550 The host name specified in HELO does not match IP address."
"SMTPD" 2732 46337 "2009-08-24 12:24:41.421" "187.15.134.146" "RECEIVED: EHLO 18715134146.user.veloxzone.com.br"
"SMTPD" 2732 46337 "2009-08-24 12:24:41.421" "187.15.134.146" "SENT: 250-mail.milestec.de[nl]250-SIZE[nl]250 AUTH LOGIN"
"SMTPD" 2732 46337 "2009-08-24 12:24:41.671" "187.15.134.146" "RECEIVED: MAIL FROM:<hvpvewiobsejdy@girlyskin.com>"
"SMTPD" 2732 46337 "2009-08-24 12:24:41.671" "187.15.134.146" "SENT: 550 The host name specified in HELO does not match IP address."
"SMTPD" 2732 46338 "2009-08-24 12:24:41.953" "187.15.134.146" "SENT: 220 Welcome to MilesTec AG"
"SMTPD" 2732 46338 "2009-08-24 12:24:42.187" "187.15.134.146" "RECEIVED: EHLO 18715134146.user.veloxzone.com.br"
"SMTPD" 2732 46338 "2009-08-24 12:24:42.187" "187.15.134.146" "SENT: 250-mail.milestec.de[nl]250-SIZE[nl]250 AUTH LOGIN"
"SMTPD" 2732 46338 "2009-08-24 12:24:42.421" "187.15.134.146" "RECEIVED: MAIL FROM:<vmyhkfcjxwgudm@geekymedia.com>"
"SMTPD" 2732 46338 "2009-08-24 12:24:42.421" "187.15.134.146" "SENT: 550 The host name specified in HELO does not match IP address."
"SMTPD" 2732 46339 "2009-08-24 12:24:44.031" "187.15.134.146" "SENT: 220 Welcome to MilesTec AG"
"SMTPD" 2732 46339 "2009-08-24 12:24:44.265" "187.15.134.146" "RECEIVED: EHLO 18715134146.user.veloxzone.com.br"
"SMTPD" 2732 46339 "2009-08-24 12:24:44.265" "187.15.134.146" "SENT: 250-mail.milestec.de[nl]250-SIZE[nl]250 AUTH LOGIN"
"SMTPD" 2732 46340 "2009-08-24 12:24:44.296" "187.15.134.146" "SENT: 220 Welcome to MilesTec AG"
"SMTPD" 2732 46339 "2009-08-24 12:24:44.484" "187.15.134.146" "RECEIVED: MAIL FROM:<eqdmqgoxleifo@wmur.com>"
"SMTPD" 2732 46339 "2009-08-24 12:24:44.484" "187.15.134.146" "SENT: 550 The host name specified in HELO does not match IP address."
"SMTPD" 2732 46340 "2009-08-24 12:24:44.515" "187.15.134.146" "RECEIVED: EHLO 18715134146.user.veloxzone.com.br"
"SMTPD" 2732 46340 "2009-08-24 12:24:44.515" "187.15.134.146" "SENT: 250-mail.milestec.de[nl]250-SIZE[nl]250 AUTH LOGIN"
"SMTPD" 2732 46340 "2009-08-24 12:24:44.749" "187.15.134.146" "RECEIVED: MAIL FROM:<jtfb1x8mbcw4kh@mission.net>"
"SMTPD" 2732 46340 "2009-08-24 12:24:44.749" "187.15.134.146" "SENT: 550 The host name specified in HELO does not match IP address."
"SMTPD" 2732 46341 "2009-08-24 12:24:45.593" "187.15.134.146" "SENT: 220 Welcome to MilesTec AG"
"SMTPD" 2732 46341 "2009-08-24 12:24:45.812" "187.15.134.146" "RECEIVED: EHLO 18715134146.user.veloxzone.com.br"
"SMTPD" 2732 46341 "2009-08-24 12:24:45.812" "187.15.134.146" "SENT: 250-mail.milestec.de[nl]250-SIZE[nl]250 AUTH LOGIN"
"SMTPD" 2732 46341 "2009-08-24 12:24:46.046" "187.15.134.146" "RECEIVED: MAIL FROM:<tjswdlswbq@meritdirect.com>"
"SMTPD" 2732 46341 "2009-08-24 12:24:46.046" "187.15.134.146" "SENT: 550 The host name specified in HELO does not match IP address."

Options to tuneup this feature...

Max invalid connect :
Minutes before reset:
Minutes to auto-ban :


Kind regards :)
Rainer Noa

^DooM^
Site Admin
Posts: 13861
Joined: 2005-07-29 16:18
Location: UK

Re: Function to ban IP...

Post by ^DooM^ » 2009-08-24 13:32

Yes i would like the autoban to be improved a little as I see this as well quite a bit. Just adding Max Invalid commands would be enough for me.
If at first you don't succeed, bomb disposal probably isn't for you! ヅ

User avatar
mattg
Moderator
Moderator
Posts: 20794
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: Function to ban IP...

Post by mattg » 2009-08-24 15:13

You mean like the 'Disconnect client after too many invalid commands' in SMTP >> RFC Compliance
http://www.hmailserver.com/documentatio ... otocolsmtp

Except adding that IP range to an AutoBanned list?

Yes I agree.
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

^DooM^
Site Admin
Posts: 13861
Joined: 2005-07-29 16:18
Location: UK

Re: Function to ban IP...

Post by ^DooM^ » 2009-08-24 15:57

Yes that doesn't ban them just disconnects them.
If at first you don't succeed, bomb disposal probably isn't for you! ヅ

Keba
Normal user
Normal user
Posts: 126
Joined: 2009-04-11 11:43

Re: Function to ban IP...

Post by Keba » 2009-08-24 21:12

Keba

User avatar
Slug
Moderator
Moderator
Posts: 1369
Joined: 2005-03-13 05:42
Location: Sydney Australia
Contact:

Re: Function to ban IP...

Post by Slug » 2009-08-25 17:45

Or this ... Seems to have gotten archived for some reason ???

http://www.hmailserver.com/forum/viewto ... lit=tarpit

Michael
Missing Hmailserver ... Now running Debian servers

Post Reply