Solved

Limit to Postini IP Range in Plesk

Posted on 2009-05-18
2
1,081 Views
Last Modified: 2013-12-16
I'm trying to limit incoming mail to only the IP range Postini provided me.  How can I make this work in Plesk's control panel where it doesn't seem to accommodate ranges?  Thx!

IP Range
74.125.148.0 - 74.125.151.255

CIDR Range
74.125.148.0/22

IP/Subnet Mask Pair
74.125.148.0
mask 255.255.252.0
0
Comment
Question by:sixth_street
2 Comments
 
LVL 13

Expert Comment

by:WizRd-Linux
ID: 24418265
If you have ssh access to the server, login as root and type:

iptables -A INPUT -s 74.125.148.0/22 -p tcp --dport 25 -j ACCEPT
iptables -A INPUT -p tcp --dport 25 -j DROP

Any changes to the firewall module in the control panel or rebooting the server will drop these rules and will need to be re-entered.  If you let me know the version of linux you are using I can tell you how to save these indefinately.  Alternatively you can attempt to translate these in the firewall module, but I think this is your issue.
0
 
LVL 4

Accepted Solution

by:
Adraenyse earned 500 total points
ID: 24446351
WizRd-Linux's instructions are correct, but Plesk takes full control over many functions including iptables when you are using the Firewall module. Therefore, any time you enter the module within Plesk and make a change, Plesk flushes and rewrites the entire iptables rules. It was because of this that I stopped using the Plesk module myself and now edit iptables configuration by hand, since it reset the counters everytime I made an edit.

However, Plesk's Firewall module does take CIDR input.

- Login to Plesk and go to SYSTEM -> MODULES -> FIREWALL
- Choose Add Custom Rule
- Enter in a rule name
- Choose what direction to match, in this case, incoming
- Choose ALLOW
- Enter in port 25
- Leave as TCP
- Press ADD
- Enter in 74.125.148.0/22 in the five boxes, the fifth box being the 22 (no slash)
- Press ADD
- Press OK

That rule will accept Postini's block. Then, to block the rest of the email:

- Choose Add Custom Rule
- Enter in a rule name
- Choose incoming
- Choose DENY
- Enter in port 25 and press ADD
- Leave the network space blank
- Press OK

It is important that you have the rules in this order, otherwise all email will be denied. Ensure that the ALLOW is above the DENY in the display list when you are done, then commit the changes.

Reference guide: http://download1.parallels.com/Plesk/Plesk7.5/Doc/plesk-7.5r-firewall-guide.pdf
0

Featured Post

Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

The purpose of this article is to demonstrate how we can use conditional statements using Python.
Resolve Outlook connectivity issues after moving mailbox to new Exchange 2016 server
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now