Solved

Limit to Postini IP Range in Plesk

Posted on 2009-05-18
2
1,076 Views
Last Modified: 2013-12-16
I'm trying to limit incoming mail to only the IP range Postini provided me.  How can I make this work in Plesk's control panel where it doesn't seem to accommodate ranges?  Thx!

IP Range
74.125.148.0 - 74.125.151.255

CIDR Range
74.125.148.0/22

IP/Subnet Mask Pair
74.125.148.0
mask 255.255.252.0
0
Comment
Question by:sixth_street
2 Comments
 
LVL 13

Expert Comment

by:WizRd-Linux
ID: 24418265
If you have ssh access to the server, login as root and type:

iptables -A INPUT -s 74.125.148.0/22 -p tcp --dport 25 -j ACCEPT
iptables -A INPUT -p tcp --dport 25 -j DROP

Any changes to the firewall module in the control panel or rebooting the server will drop these rules and will need to be re-entered.  If you let me know the version of linux you are using I can tell you how to save these indefinately.  Alternatively you can attempt to translate these in the firewall module, but I think this is your issue.
0
 
LVL 4

Accepted Solution

by:
Adraenyse earned 500 total points
ID: 24446351
WizRd-Linux's instructions are correct, but Plesk takes full control over many functions including iptables when you are using the Firewall module. Therefore, any time you enter the module within Plesk and make a change, Plesk flushes and rewrites the entire iptables rules. It was because of this that I stopped using the Plesk module myself and now edit iptables configuration by hand, since it reset the counters everytime I made an edit.

However, Plesk's Firewall module does take CIDR input.

- Login to Plesk and go to SYSTEM -> MODULES -> FIREWALL
- Choose Add Custom Rule
- Enter in a rule name
- Choose what direction to match, in this case, incoming
- Choose ALLOW
- Enter in port 25
- Leave as TCP
- Press ADD
- Enter in 74.125.148.0/22 in the five boxes, the fifth box being the 22 (no slash)
- Press ADD
- Press OK

That rule will accept Postini's block. Then, to block the rest of the email:

- Choose Add Custom Rule
- Enter in a rule name
- Choose incoming
- Choose DENY
- Enter in port 25 and press ADD
- Leave the network space blank
- Press OK

It is important that you have the rules in this order, otherwise all email will be denied. Ensure that the ALLOW is above the DENY in the display list when you are done, then commit the changes.

Reference guide: http://download1.parallels.com/Plesk/Plesk7.5/Doc/plesk-7.5r-firewall-guide.pdf
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Join & Write a Comment

Granting full access permission allows users to access mailboxes present in their database. By giving full access permission one can open and read the content of any mailbox but cannot send emails from that mailbox.
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now