Quote:
Originally Posted by sohailkmu
Kindly help me.It blocks an IP but then it says that ip match in csf.allow may not block permanently.
|
Please give your expert opinion.
I am pasting some information. Kindly help me to stop this menace.
1Vg56Q-0003Uk-HK-H
root 0 0
<root@server.xxxxxxx>
1384228642 0
-ident root
-received_protocol local
-body_linecount 11
-max_received_linelength 155
-allow_unqualified_recipient
-allow_unqualified_sender
-deliver_firsttime
XX
1
root@xxxxxxxxxx
190P Received: from root by server.xxxxxx with local (Exim 4.80.1)
(envelope-from <root@xxxxxx>)
id 1Vg56Q-0003Uk-HK
for
root@server.xxxxxx; Tue, 12 Nov 2013 08:57:24 +0500
011* From: root
009* To: root
027T To:
root@server.xxxxxx
069 Subject: lfd on server.xxxxx: blocked 115.47.26.67 (CN/China/-)
032F From: <root@server.xxxxxx>
050I Message-Id: <E1Vg56Q-0003Uk-HK@server.xxxxxx>
038 Date: Tue, 12 Nov 2013 08:57:22 +0500
Data spool file
1Vg56Q-0003Uk-HK-D
Time: Tue Nov 12 08:57:17 2013 +0500
IP: 115.47.26.67 (CN/China/-)
Failures: 5 (smtpauth)
Interval: 3600 seconds
Blocked: Permanent Block (
IP match in csf.allow, block may not work)
Log entries:
2013-11-12 08:16:10 fixed_login authenticator failed for (21cn.com) [115.47.26.67]:4649: 535 Incorrect authentication data (set_id=info@xxxxx)
2013-11-12 08:30:23 fixed_login authenticator failed for (gw.com.cn) [115.47.26.67]:1516: 535 Incorrect authentication data (set_id=info@xxxxx)
2013-11-12 08:44:08 fixed_login authenticator failed for (zhaodaola.com.cn) [115.47.26.67]:3111: 535 Incorrect authentication data (set_id=info@xxxxx)
2013-11-12 08:44:54 fixed_login authenticator failed for (kotis.net) [115.47.26.67]:3766: 535 Incorrect authentication data (set_id=info@xxxxx)
2013-11-12 08:57:05 fixed_login authenticator failed for (tsinghua.edu.cn) [115.47.26.67]:3942: 535 Incorrect authentication data (set_id=info@xxxxxx)