Search results

@BigD213 Make sure that you have downloaded the latest CLI product installer. I didn't have any trouble installing Plesk on Rocky Linux using it...

@tkalfaoglu Enable the powertools repo and it should fix this: # dnf --enablerepo=powertools install perl-Digest-SHA1

Sentinel Anti-malware 1.16 for #Plesk has been released. Third Party Signatures and More! https://www.danami.com/clients/announcements/128/Sentinel-Anti-malware-1.16-Released.html

Warden Anti-spam and Virus Protection 2.14 has been released. Third Party Signatures, AbuseIPDB Support, and More! https://www.danami.com/clients/announcements/126/Warden-Anti-spam-and-Virus-Protection-2.14-Released.html

The first thing that you should to is set proper outgoing sending limits. That way if an email account is compromised then you can limit the damage that the email account can do before you are alerted...

Yes I thought it should of worked (that's why I was scratching my head). I'm glad that you have it sorted.

Yes it looks like you might be out of luck :(

Looking at the postfix documentation you will have to set smtpd_delay_reject = no also.

Are you sure that you didn't just revert your changes by editing the RBL's in the Plesk interface? Plesk used to have the RBLs listed before the permit_sasl_authenticated and people complained that they could not send email when listed so they changed the order around.

This should work the same. Just make sure that you restart Amavis after you add your ownrules.cf file in /etc/mail/spamassassin/ //Centos systemctl restart amavisd //Debian/Ubuntu systemctl restart amavis

Try changing the order placing reject_rbl_client BEFORE permit_sasl_authenticated smtpd_client_restrictions = permit_mynetworks, reject_rbl_client b.barracudacentral.org, reject_rbl_client zen.spamhaus.org, permit_sasl_authenticated

Like I mentioned before you should be restricting access to outgoing ports 587 and 465 on the firewall anyway.

@ChrisMonder Did you look at the articles? It supports pregreet DNSBLs with the postscreen_dnsbl_sites option. You can set the RBL weights so that Postscreen would reject the SMTP client.

I've used it in the past on some servers. I only recommend it for advanced users though because some of Plesk's older command line tools (like mchk) don't like heavy postfix customization so they break. Postscreen is fine as long as you don't enable any of the "deep protocol" tests. If you...

> I have a really good RBL that I checked a lot of times vs attacker IP's and my client IP's and it's 99% exact with the attacker IP's, so, yes a RBL will work if there's a way to block the SMTP AUTH using it. Use postscreen then as this is what it was designed for...

@ChrisMonder Well if its a directed attack then an RBL isn't going to help you anyway. Usually what I do in this case: 1. Raise the perm deny limit in Juggernaut -> Settings -> Firewall -> General Settings to something like 20,000 so that attacking IP addresses are not rotated out. 2. Lower...

@ChrisMonder One last thing I would recommend. The default Juggernaut SMTP_AUTH trigger under Settings -> Login Failure Blocking is set to 5 failures which is fairly loose. If you are under active attack I recommend lowering that to 1 or 2. That way you should be able to block the attack a lot...

@ChrisMonder why don't you do the second option that I recommended (Disabling SMTP AUTH on port 25)? To disable SMTP auth on port 25 1. Edit your /etc/postfix/master.cf From: smtp inet n - n - - smtpd To: smtp inet n - n - -...

@ChrisMonder another thing that you can do is disable SMTP AUTH on port 25 in postfix then use Juggernaut Firewall to only allow access to the submission port 587 from countries that send mail though your server (Allow Countries to Port Settings). This will block most attacks.

@ChrisMonder make sure that you enable Netblock Blocking in Juggernaut Firewall. That way the login failure daemon will ban networks that are attacking you repeatedly (even if they are rotating IP addresses on the same netblocks)...