Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
This is driving me crazy. We have someone trying to send SMTP traffic over our postfix. It's all being rejected, but I can't shut him out entirely via the firewall. He's sending the requests in about 100 email bursts and it's clogging our pipes but good.
Has anyone seen this? Any suggestions?
I'd like to go huntin', but I can't find his IP in any of my logs. Am I missing something?
what are you doing with your server?
is it a webserver? are you hosting some websites?
if not:
why don`t you just get a new ip form your isp by reconnecting to the internet?
if so:
what does your firewall - log tell you?
when i get some scans or connects on my firewall i can always see the ip of the other guy!
who did you give the ip of your server? perhaps someone with is allowed to connect to your server has a windows (sh**) pc client and is is bad configured......
if this sob is packeting u with the same IP(static), write some chains to your firewall where u deny all traffic from IP xxx.xx.xx.xxx to the SMTP port
I found his ip in one of the messages he was attempting to send and locked him out. It was really strange. I'm going to try to do a full post-mortem later.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.