Black Listing IP Addresses

[jcoulter]

Is there a way to black list IP addresses?

 

[jwdick]

ban ip addresses from the entire server with the hosts.deny file and for just email, add the ip address to the black list in <SERVER><MAIL><Black List>

 

[jcoulter]

Where is the host.deny located?

I tried adding to the server blacklist but it only allows email addresses and won't accept IPs. Unless I'm typing it in wrong.

Thanks

 

[jwdick]

I apologize about the misinformation with the black list. You are correct, only email addresses can be entered there.

The hosts.deny file is in the "/etc" directory.

Format for adding an ip is:

ALL:xx.xx.xx.xx

 

[jcoulter]

Cool Beans.

I'm assuming it will block email, as that is really what I want.

Will the deny work with partial addresses? Such as xx.xx.xx ?

Thanks again,

 

[jwdick]

It will use partial addresses. use XX.XX.XX.

It will stop everything after the last dot.

 

[gauerj1]

Does anyone know about wild card domains. Example I get lots of spam from XXX.XXX.XXX.XXX.blabla.fr or XXX.XXX.XXX.XXX.blabla.de.

I want to block the whole domain blabla.de. I'm pretty sure I cant do a wild card via plesk but I'm sure there's some qmail place I can. Anyone konw where off hand.?

 

[rbuhler]

Qmail uses a control file to filter domain names. The file is normally located at /var/qmail/control/badmailfrom, and will reject any email addresses or domain placed in this file.
You can block single email address or whole domain such as:
[email protected]
@example.net

 

[gauerj1]

Thanks rbuhler,

This will let me put one entry in to block subdomains sub1.blabla.de, sub2.blabla.de... and so on by just adding some similar to *blabla.com (I'll figure syntax later).