Page 1 of 1

Block IP

Posted: 06 Feb 2020 13:43
by horndrup
I see alot of these in the maillog from the same ip.

Code: Select all

Feb  6 14:22:31 mailin postfix/smtpd[55105]: warning: hostname ip-38-57.ZervDNS does not resolve to address 92.118.38.57: Name or service not known
Feb  6 14:22:31 mailin postfix/smtpd[55105]: connect from unknown[92.118.38.57]
Feb  6 14:22:37 mailin postfix/smtpd[55105]: disconnect from unknown[92.118.38.57] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4

Do I need to do anything about it and can I?

Re: Block IP

Posted: 06 Feb 2020 13:55
by shawniverson
That's postfix doing its job. Someone with a bad MTA is trying to connect to you and postfix is resetting the connection.

The only time it would be an issue is if you were getting flooded with them (1000s per minutes) which would indicate a DOS attack.