Solved

Limit to Postini IP Range in Plesk

Posted on 2009-05-18
2
1,108 Views
Last Modified: 2013-12-16
I'm trying to limit incoming mail to only the IP range Postini provided me.  How can I make this work in Plesk's control panel where it doesn't seem to accommodate ranges?  Thx!

IP Range
74.125.148.0 - 74.125.151.255

CIDR Range
74.125.148.0/22

IP/Subnet Mask Pair
74.125.148.0
mask 255.255.252.0
0
Comment
Question by:sixth_street
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 13

Expert Comment

by:WizRd-Linux
ID: 24418265
If you have ssh access to the server, login as root and type:

iptables -A INPUT -s 74.125.148.0/22 -p tcp --dport 25 -j ACCEPT
iptables -A INPUT -p tcp --dport 25 -j DROP

Any changes to the firewall module in the control panel or rebooting the server will drop these rules and will need to be re-entered.  If you let me know the version of linux you are using I can tell you how to save these indefinately.  Alternatively you can attempt to translate these in the firewall module, but I think this is your issue.
0
 
LVL 4

Accepted Solution

by:
Adraenyse earned 500 total points
ID: 24446351
WizRd-Linux's instructions are correct, but Plesk takes full control over many functions including iptables when you are using the Firewall module. Therefore, any time you enter the module within Plesk and make a change, Plesk flushes and rewrites the entire iptables rules. It was because of this that I stopped using the Plesk module myself and now edit iptables configuration by hand, since it reset the counters everytime I made an edit.

However, Plesk's Firewall module does take CIDR input.

- Login to Plesk and go to SYSTEM -> MODULES -> FIREWALL
- Choose Add Custom Rule
- Enter in a rule name
- Choose what direction to match, in this case, incoming
- Choose ALLOW
- Enter in port 25
- Leave as TCP
- Press ADD
- Enter in 74.125.148.0/22 in the five boxes, the fifth box being the 22 (no slash)
- Press ADD
- Press OK

That rule will accept Postini's block. Then, to block the rest of the email:

- Choose Add Custom Rule
- Enter in a rule name
- Choose incoming
- Choose DENY
- Enter in port 25 and press ADD
- Leave the network space blank
- Press OK

It is important that you have the rules in this order, otherwise all email will be denied. Ensure that the ALLOW is above the DENY in the display list when you are done, then commit the changes.

Reference guide: http://download1.parallels.com/Plesk/Plesk7.5/Doc/plesk-7.5r-firewall-guide.pdf
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Resolve DNS query failed errors for Exchange
Google Drive is extremely cheap offsite storage, and it's even possible to get extra storage for free for two years.  You can use the free account 15GB, and if you have an Android device..when you install Google Drive for the first time it will give…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question