• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:

    https://pt-research.typeform.com/to/AmZvSXkx

  • We are developing a new feature in Plesk that will help you promote your websites or business on social media. We want to conduct a one-hour online UX test to present the prototype and collect feedback. If you are interested in the feature, please book a meeting via this link.
    Thank you in advance!
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Resolved How to Block SMTP AUTH attempts using a RBL

> I have a really good RBL that I checked a lot of times vs attacker IP's and my client IP's and it's 99% exact with the attacker IP's, so, yes a RBL will work if there's a way to block the SMTP AUTH using it.

Use postscreen then as this is what it was designed for:
Hi @danami & others,

Thanks for sharing this, I use it on other mail servers but I've not tried it with Plesk because I understand there are some issues when using postscreen.
Can anyone confirm that Plesk works well in the long run when using postscreen options, without the deep protocol tests?

Also, @danami, does your latest Warden include Postscreen settings/options like dnsbl and thresholds?
 
@zwankie Setting up postscreen will break the Plesk mail repair tools the last time I checked. Also most of the postscreen restrictions are fully supported directly by Postfix anyway.

You can see the Postfix restrictions that Warden supports here:

The best way to stop SMTP attacks is to disable SMTP auth in Postfix for the incoming port 25 then use Juggernaut Firewall to only allow the countries you want to be allowed to send on the submission port 587. Everyone else will be blocked from connecting to the submission port.
 
@zwankie Setting up postscreen will break the Plesk mail repair tools the last time I checked. Also most of the postscreen restrictions are fully supported directly by Postfix anyway.

You can see the Postfix restrictions that Warden supports here:

The best way to stop SMTP attacks is to disable SMTP auth in Postfix for the incoming port 25 then use Juggernaut Firewall to only allow the countries you want to be allowed to send on the submission port 587. Everyone else will be blocked from connecting to the submission port.
Thanks for the reply.

What I'm specifically looking for is to implement a DNSBL solution with Thresholds so that it reduces false positives. Meaning setting it so that at least two or more (depending on the threshold setting) DNSBL providers need to have it listed before it is blocked. As far as I know only postscreen allows this Threshold not the normal Postfix smtpd_client_restrictions.

If I missed the way to do thresholds for DNSBL entries without postscreen please let me know.
 
@zwankie Then you are out of luck then as the Plesk repair tools can't handle the postscreen configuration. Also Warden already allows you to be able to whitelist servers from Plesk DNSBLs so if you do have a server that's blocked you can whitelist it or it's CIDR easily.
 
Back
Top