[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1144
  • Last Modified:

Limit to Postini IP Range in Plesk

I'm trying to limit incoming mail to only the IP range Postini provided me.  How can I make this work in Plesk's control panel where it doesn't seem to accommodate ranges?  Thx!

IP Range
74.125.148.0 - 74.125.151.255

CIDR Range
74.125.148.0/22

IP/Subnet Mask Pair
74.125.148.0
mask 255.255.252.0
0
sixth_street
Asked:
sixth_street
1 Solution
 
WizRd-LinuxCommented:
If you have ssh access to the server, login as root and type:

iptables -A INPUT -s 74.125.148.0/22 -p tcp --dport 25 -j ACCEPT
iptables -A INPUT -p tcp --dport 25 -j DROP

Any changes to the firewall module in the control panel or rebooting the server will drop these rules and will need to be re-entered.  If you let me know the version of linux you are using I can tell you how to save these indefinately.  Alternatively you can attempt to translate these in the firewall module, but I think this is your issue.
0
 
AdraenyseCommented:
WizRd-Linux's instructions are correct, but Plesk takes full control over many functions including iptables when you are using the Firewall module. Therefore, any time you enter the module within Plesk and make a change, Plesk flushes and rewrites the entire iptables rules. It was because of this that I stopped using the Plesk module myself and now edit iptables configuration by hand, since it reset the counters everytime I made an edit.

However, Plesk's Firewall module does take CIDR input.

- Login to Plesk and go to SYSTEM -> MODULES -> FIREWALL
- Choose Add Custom Rule
- Enter in a rule name
- Choose what direction to match, in this case, incoming
- Choose ALLOW
- Enter in port 25
- Leave as TCP
- Press ADD
- Enter in 74.125.148.0/22 in the five boxes, the fifth box being the 22 (no slash)
- Press ADD
- Press OK

That rule will accept Postini's block. Then, to block the rest of the email:

- Choose Add Custom Rule
- Enter in a rule name
- Choose incoming
- Choose DENY
- Enter in port 25 and press ADD
- Leave the network space blank
- Press OK

It is important that you have the rules in this order, otherwise all email will be denied. Ensure that the ALLOW is above the DENY in the display list when you are done, then commit the changes.

Reference guide: http://download1.parallels.com/Plesk/Plesk7.5/Doc/plesk-7.5r-firewall-guide.pdf
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now