Issue Is there an SMTP restrictions in Plesk

[Jimlee3]

In CPanel there is an SMTP restrictions module which disables remote SMTP access
https://documentation.cpanel.net/display/ALD/SMTP+Restrictions
do we have something like this in Plesk? I am under SMTP brute force attack and I want to disable the remote SMTP

 

[UFHH01]

Hi Jimlee3,

pls. consider to read the official Plesk documentation ( where you have a well a SEARCH option, by the way! )

=> Configuring Server-Wide Mail Settings ( Plesk 12.5 - online documentation - Administrator's Guide )

Quoted from there:

To protect your server against unauthorized mail relaying or injection of unsolicited bulk mail, select the Enable message submission checkbox to allow your customers to send email messages through the port 587.
Also notify your customers that they need to specify the port 587 for outgoing SMTP connections in their email programs' settings, and be sure to allow connections to this port in your firewall settings.

... or/and see the documented "RELAY Options".​

 

[Jimlee3]

Hi Jimlee3,

pls. consider to read the official Plesk documentation ( where you have a well a SEARCH option, by the way! )

=> Configuring Server-Wide Mail Settings ( Plesk 12.5 - online documentation - Administrator's Guide )

Quoted from there:

... or/and see the documented "RELAY Options".​

I checked the "Closed" on Relaying but I still see a lot of smtp connection from unknown people in the mail log

so here is maillog

  Dec  2 04:28:31 PROJECT postfix/smtpd[12247]: disconnect from unknown[IP]
  Dec  2 04:29:36 PROJECT postfix/smtpd[12247]: warning: IP: address not listed for hostname
  Dec  2 04:29:36 PROJECT postfix/smtpd[12247]: connect from unknown[IP]
  Dec  2 04:29:37 PROJECT postfix/smtpd[12247]: disconnect from unknown[IP]
  Dec  2 04:32:43 PROJECT postfix/smtpd[12903]: warning: IP: address not listed for hostname ar
  Dec  2 04:32:43 PROJECT postfix/smtpd[12903]: connect from unknown[IP]
  Dec  2 04:32:44 PROJECT postfix/smtpd[12903]: disconnect from unknown[IP]
  Dec  2 04:35:14 PROJECT postfix/anvil[11391]: statistics: max connection rate 2/60s for (smtp:127.0.0.1) at Dec  2 04:25:22
  Dec  2 04:35:14 PROJECT postfix/anvil[11391]: statistics: max connection count 1 for (smtp:127.0.0.1) at Dec  2 04:25:14
  Dec  2 04:35:14 PROJECT postfix/anvil[11391]: statistics: max cache size 2 at Dec  2 04:26:07
  Dec  2 04:35:58 PROJECT postfix/smtpd[13209]: warning: IP: address not listed for hostname
  Dec  2 04:35:58 PROJECT postfix/smtpd[13209]: connect from unknown[IP]
  Dec  2 04:35:59 PROJECT postfix/smtpd[13209]: disconnect from unknown[IP]

how can I just disable any incoming unknown smtp requests? also the fail2ban does not block these, shouldnt the postfix jail automatically block these?

 

[UFHH01]

Hi Jimlee3,

but I still see a lot of smtp connection from unknown people in the mail log

Spammers, bots, scripts... this is absolutely normal, when you have a mail - server. Welcome to the kiddies - world. That's why you should use Fail2Ban for example on your server.

also the fail2ban does not block these, shouldnt the postfix jail automatically block these?

The standard Plesk - jails and standard Fail2Ban - jails are not "perfect", but you are certainly able to adjust, modify and add jails, when you use Fail2Ban. If you need help here, it is essential, that you actually POST the content of the used jail(s) and it would help as well to include your current fail2ban.log, so that investigations could be done by people willing to help you.

In addition, if you would like help with a postfix - configuration, it is essential, that you don't only post questions, but as well your "main.cf" + "master.cf", in order to receive answers from people willing to help you.