Tech Question about my Linux Server

I know we have a lot of techies here, so maybe someone can help or give advice…

I am running my own small Linux cloud server thingy with Ubuntu/Plesk because … [long history] It’s just a tiny little thing running a webserver for my website, a few mini services and my own mailserver with postfix/dovecot. My Linux knowledge used to be better than it is right now. I haven’t needed it much, I admit.

I’ve been experiencing memory issues with the mailserver and looking into the logfiles I’ve been seeing failed login attempts to postfix from an IP block. The danger is not from them getting into the server, they are just trying random/spammer-known mail addresses that do not correspond to any existing credentials. They are just using up my cpu/memory…

I’ve configured fail2ban to trigger faster and keep them away longer but I would kind of like to get rid of the whole block of addresses permanently for my postfix (I checked they all appear to be from the same provider–not mine, not even my country). Can I do that? Is it advisable?


That should be fine. (Though double and triple check the address details. It is entirely possible accidentally to include one’s own remote admin address in a ban. Not that I would ever do something that stupid. Ahem.)

I don’t speak Plesk; I just do straight command line stuff. But setting an IP-level ban with iptables/whatever filtering tool should be cheaper on your CPU time than allowing an SMTP connection that then gets rejected.
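The two points in the reply above (check the range before banning it, and filter at the IP level), as an added example that is not part of the original posts. It assumes the usual Postfix `SASL ... authentication failed` log line shape, SMTP on ports 25/465/587, and documentation-range addresses; `plan_block` and `keep_reachable` are hypothetical names.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample lines in the usual Postfix smtpd log shape (not from the thread).
SAMPLE_LOG = """\
Mar  3 10:01:12 mail postfix/smtpd[2101]: warning: unknown[203.0.113.17]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Mar  3 10:01:15 mail postfix/smtpd[2101]: warning: unknown[203.0.113.44]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Mar  3 10:02:40 mail postfix/smtpd[2107]: warning: unknown[203.0.113.17]: SASL PLAIN authentication failed:
Mar  3 10:05:02 mail postfix/smtpd[2110]: warning: unknown[198.51.100.9]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Mar  3 10:06:30 mail postfix/smtpd[2111]: connect from unknown[192.0.2.10]
"""

FAILED = re.compile(
    r"postfix/smtpd\[\d+\]: warning: \S+\[([0-9a-fA-F.:]+)\]: SASL \S+ authentication failed"
)

def failed_sources(log_text):
    """Count failed SASL logins per source address."""
    return Counter(ipaddress.ip_address(m.group(1)) for m in FAILED.finditer(log_text))

def plan_block(log_text, cidr, keep_reachable, ports=(25, 465, 587)):
    """Build (not run) an SMTP-only DROP rule for cidr after sanity checks.

    keep_reachable: addresses that must never be banned (admin, partner, monitoring).
    """
    # strict=True rejects a mistyped range such as 203.0.113.5/24 (host bits set).
    net = ipaddress.ip_network(cidr, strict=True)
    locked_out = [a for a in keep_reachable if ipaddress.ip_address(a) in net]
    if locked_out:
        raise ValueError(f"{net} would also ban: {', '.join(locked_out)}")
    hits = failed_sources(log_text)
    inside = sum(n for ip, n in hits.items() if ip in net)
    outside = sum(hits.values()) - inside  # failures the ban would not stop
    tool = "ip6tables" if net.version == 6 else "iptables"
    port_list = ",".join(str(p) for p in ports)
    # Limited to mail ports so web and SSH stay reachable from the range.
    rule = f"{tool} -I INPUT -s {net} -p tcp -m multiport --dports {port_list} -j DROP"
    return {"rule": rule, "inside": inside, "outside": outside}

if __name__ == "__main__":
    plan = plan_block(SAMPLE_LOG, "203.0.113.0/24", keep_reachable=["192.0.2.10"])
    print(f"{plan['inside']} failures inside the range, {plan['outside']} outside")
    print(plan["rule"])
```

The rule is only printed, never applied. On a host where Plesk or fail2ban also manages the firewall, how to make it persistent depends on that setup.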


I am quite … ahem familiar with my hosting provider’s rescue system setup for … some reason :wink:

Ah, iptables, my great nemesis… but yeah that sounds like an idea.


I expected nothing else :stuck_out_tongue_winking_eye:


The downside obviously is that if someone sends you legit email from that block it’ll bounce. Depending on the block, that may be unlikely. One of my servers is hosted with OVH, because it’s very cheap… but nobody would reasonably expect anyone to accept email from there.


It’s already looking much nicer and my mail log looks like right now it’s just me and my partner and the occasional spam email arriving, as it should be… well not the spam but even with my setup it’s hard to get rid of all of it.