Fail2ban secured smtp
RealSender relies on the Fail2ban server application to secure your dedicated smtp.
This protects against unauthorized access and DOS (Denial Of Service) attacks.
After three failed attempts, the source IP is blocked and banned.
The causes of the blacklisting could be:
authentication attempt with wrong credentials
(incorrect username or incorrect password)
authentication attempt on insecure channels
(the system requires TLS/SSL authentication)
sender’s email address is not authorized to send
(see restrictions on RealSender authorized senders)
smtp connection interrupted during the authentication process
(multiple broken connections make the smtp service unavailable for legitimate users)
The result of the block is that the smtp server no longer responds to connection attempts,
the computer making the request will receive this message:
connect to address 184.108.40.206: Connection refused
How to deal with accidentally banned IP addresses:
- Sometimes legitimate IPs get banned due to new configurations or other reasons.
RealSender provides direct access to Fail2ban logs to verify the bans, like these:
2021-08-26 01:38:01,199 fail2ban.filter : INFO [smtp] Found 220.127.116.11 - 2021-08-26 01:38:00 2021-08-26 01:38:01,201 fail2ban.filter : INFO [smtp] Found 18.104.22.168 - 2021-08-26 01:38:01 2021-08-26 01:38:01,404 fail2ban.filter : INFO [smtp] Found 22.214.171.124 - 2021-08-26 01:38:01 2021-08-26 01:38:01,972 fail2ban.actions : NOTICE [smtp] Ban 126.96.36.199
- Once you have defined that your IP has been banned,
contact RealSender support and request the “whitelisting”.
New connections from the “whitelisted” IP address will be ignored and logged as follows:
2021-08-23 07:00:12,501 fail2ban.filter : INFO [smtp] Ignore 188.8.131.52 by ip 2021-08-23 07:00:12,501 fail2ban.filter : INFO [smtp] Ignore 184.108.40.206 by ip 2021-08-23 07:00:13,115 fail2ban.filter : INFO [smtp] Ignore 220.127.116.11 by ip