Blocking connections from outside

vladosubu

Dec 1, 2022
Good afternoon, judging by the logs, we have been attacked for a long time by attempts to send mail not from our network - connecting via telnet... We started to figure out that Google somehow disabled the "helo, ehlo" commands when connecting via telnet. Please tell me how we can also ban these commands? And if we ban them, how can they harm us? Or only benefit?
And another question: when you connect to us via telnet, you can immediately see that we use "PROXMOX". Is it possible to hide it somehow?
 
hi, i'm not sure what you mean exactly, can you maybe post the relevant log so i can better understand what you want to avoid?

And another question: when you connect to us via telnet, you can immediately see that we use "PROXMOX". Is it possible to hide it somehow?
what is shown is the smtpd banner and that is configurable in Configuration -> Mail Proxy -> Options
 
Thank you for the banner!
I attach 2 screens, the first screen is ours (I have covered up the information)
the second screen (Google) immediately disables when trying to send (helo, ehlo)
Can we do the same?
 
empty helo/ehlo is already an error in postfix, but since many mail servers misbehave in the smtp dialog, postfix only disconnects after 20 errors
to configure that you can overwrite the smtpd_hard_error_limit in the postfix config
http://www.postfix.org/postconf.5.html#smtpd_hard_error_limit
(note that i would not set it to e.g. 1 otherwise you'll probably reject many valid mailservers, also under overload postfix already sets this to one)

check here: https://pmg.proxmox.com/pmg-docs/pmg-admin-guide.html#pmgconfig_template_engine
how to configure the postfix config templates

also check the options smtpd_helo_required and smtpd_helo_restrictions in the postfix config (both of which already have sensible default values in pmg)
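
A small audit of the Postfix parameters named in the reply above, as an added example that is not part of the original thread and not Proxmox's own code. It parses main.cf-style text (for instance saved `postconf -n` output) and flags the HELO, error-limit and banner settings discussed here; both sample configurations are constructed, and absent parameters are assumed to take stock Postfix defaults.

```python
import re

# Constructed samples in main.cf syntax (not taken from the thread).
WEAK_CF = """\
# constructed example: every check below should fire
smtpd_banner = $myhostname ESMTP Proxmox
smtpd_helo_required = no
smtpd_helo_restrictions =
smtpd_hard_error_limit = 1
"""
HARDENED_CF = """\
smtpd_banner = $myhostname ESMTP
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks,
    reject_invalid_helo_hostname
smtpd_hard_error_limit = 20
"""

def parse_main_cf(text):
    """Parse 'name = value' lines; a line starting with whitespace continues the previous value."""
    params, name = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue  # blank line or comment
        if raw[0] in " \t" and name:
            params[name] = (params[name] + " " + raw.strip()).strip()
            continue
        key, sep, value = raw.partition("=")
        if sep:
            name = key.strip()
            params[name] = value.strip()
    return params

def audit_helo_settings(params):
    """Return findings for the settings discussed in the thread."""
    findings = []
    # Assumption: an absent parameter takes the stock Postfix default ("no" / empty).
    if params.get("smtpd_helo_required", "no").lower() != "yes":
        findings.append("smtpd_helo_required is not 'yes': clients may skip HELO/EHLO")
    if not params.get("smtpd_helo_restrictions", ""):
        findings.append("smtpd_helo_restrictions is empty: no HELO restrictions applied")
    limit = params.get("smtpd_hard_error_limit", "")
    if limit.isdigit() and int(limit) <= 1:
        findings.append("smtpd_hard_error_limit <= 1: may reject valid mail servers")
    if re.search(r"proxmox", params.get("smtpd_banner", ""), re.I):
        findings.append("smtpd_banner names the product")
    return findings
```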
 
Good afternoon!
I explained it wrong. I have covered up our data, I would like to know how to prohibit commands (helo, ehlo), that is, so that people connected via telnet could not use these commands and they were disabled like Google
 
i am not sure i understand you then. the message from google explicitly says 'Empty HELO/EHLO' meaning a
Code:
helo
or
Code:
ehlo
without a domain
this is already an error in postfix

you cannot detect the difference in how the other server connects, it's all just tcp/ip over which smtp commands go
 
If they are using something like TeamViewer then you'll be hard pressed to stop it unless you remove the app from your device. I guess you could go in to the PC firewall and explicitly block their app until you need to have assistance provided.
 