Blocked Countries blocks email server

From Kolmisoft Wiki
Jump to navigationJump to search

Description

If Blocked Countries functionality is used, it is possible to unintentionally block SMTP server, if SMTP server Domain resolves to IP, which belongs to blocked country.



Solution

Find out which IPs belong to SMTP server domain name and add them to iptbales ACCEPT list. For example, let's say you use smtp.office365.com SMPT server. IPs for this domain name are listed here: https://docs.microsoft.com/en-us/office365/enterprise/urls-and-ip-address-ranges

So we add all IPs to INPUT chain 

iptables -I INPUT -s 13.107.6.152/31  -j ACCEPT
iptables -I INPUT -s 13.107.18.10/31 -j ACCEPT
iptables -I INPUT -s 13.107.128.0/22 -j ACCEPT
iptables -I INPUT -s 23.103.160.0/20 -j ACCEPT
iptables -I INPUT -s 40.96.0.0/13 -j ACCEPT
iptables -I INPUT -s 52.96.0.0/14 -j ACCEPT
iptables -I INPUT -s 131.253.33.215 -j ACCEPT
iptables -I INPUT -s 132.245.0.0/16 -j ACCEPT
iptables -I INPUT -s 150.171.32.0/22 -j ACCEPT
iptables -I INPUT -s 191.234.140.0/22 -j ACCEPT
iptables -I INPUT -s 204.79.197.215 -j ACCEPT

And save configuration: 

service fail2ban stop
service iptables save
service fail2ban start



See Also

Blocked Countries

Retrieved from "https://wiki.kolmisoft.com/index.php?title=Blocked_Countries_blocks_email_server&oldid=24577"