Hi, I have a Ubuntu 16.04 email server and I need to block a certain IP address from connecting to it. This is the rule I have in UFW:
Anywhere DENY (The IP address I want to block.)
However my postfix log shows that the IP address is still trying to connect. How can I truly block this IP address?
Is said IP address failing?
What I do is install fail2ban on my servers. It bans IPs who fail to connect too many times in a given time period. I don't have to worry about banning individual IPs after that.
i would also try iptables if you'd like.
here's a link to a nice little write up
IPtable Firewall Rules
The problem was that the rule I was trying to use was below all my postfix rules and so the traffic was passed before reaching it. I have installed and configured fail2ban, which has stopped the erroneous login attempts. Thank you everyone for your help and suggestions.