ipset набір для групи адрес
Перевіривши поштовий лог:
grep -Ei "sasl|authentication failure|imap-login" /var/log/mail.log | tail -n 50Можна побачити таку картину:
2025-09-23... mail postfix/sm...[38671]: warning: unknown[81.30.107.189]: SASL LOGIN authentication failed: sasl_username=apiv3-dev
2025-09-23... mail postfix/sm...[38671]: warning: unknown[81.30.107.42]: SASL LOGIN authentication failed: sasl_username=mayu
2025-09-23... mail postfix/sm...[38671]: warning: unknown[81.30.107.177]: SASL LOGIN authentication failed: sasl_username=karpov
2025-09-23... mail postfix/sm...[38671]: warning: unknown[81.30.107.174]: SASL LOGIN authentication failed: sasl_username=hola
2025-09-23... mail postfix/sm...[38671]: warning: unknown[81.30.107.182]: SASL LOGIN authentication failed: sasl_username=leung
2025-09-23... mail postfix/sm...[38671]: warning: unknown[81.30.107.143]: SASL LOGIN authentication failed: sasl_username=pcjames
2025-09-23... mail postfix/sm...[38671]: warning: unknown[81.30.107.153]: SASL LOGIN authentication failed: sasl_username=nobody
2025-09-23... mail postfix/sm...[38671]: warning: unknown[81.30.107.146]: SASL LOGIN authentication failed: sasl_username=lhs
2025-09-23... mail postfix/sm...[38671]: warning: unknown[81.30.107.29]: SASL LOGIN authentication failed: sasl_username=vivien
2025-09-23... mail postfix/sm...[38671]: warning: unknown[81.30.107.115]: SASL LOGIN authentication failed: sasl_username=icuДля блокуання 81.30.107.* створюємо спеціальний набір "manual_block" як hash:net:
ipset create manual_block hash:net family inet -existКуди можемо додавати діапазони адрес:
ipset add manual_block 81.30.107.0/24І додати набір в iptables:
iptables -I INPUT -m set --match-set manual_block src -j DROP # одноразово!Last updated