I am trying to block some IP ranges that try to log in to my SMTP server. I did this with the commands:

ufw route prepend deny from 45.146.130.0/24
ufw prepend deny from 45.146.130.0/24
ufw deny from 81.30.107.90

But it is not working; they try again and again.

My ufw status is active:

20/tcp                     ALLOW       Anywhere                  
21/tcp                     ALLOW       Anywhere                  
22/tcp                     ALLOW       Anywhere                  
80/tcp                     ALLOW       Anywhere                  
443/tcp                    ALLOW       Anywhere                  
888/tcp                    ALLOW       Anywhere                  
39000:40000/tcp            ALLOW       Anywhere                  
28537/tcp                  ALLOW       Anywhere                  
25/tcp                     ALLOW       Anywhere                  
25/udp                     ALLOW       Anywhere                  
110/tcp                    ALLOW       Anywhere                  
110/udp                    ALLOW       Anywhere                  
143/tcp                    ALLOW       Anywhere                  
143/udp                    ALLOW       Anywhere                  
465/tcp                    ALLOW       Anywhere                  
465/udp                    ALLOW       Anywhere                  
995/tcp                    ALLOW       Anywhere                  
995/udp                    ALLOW       Anywhere                  
993/tcp                    ALLOW       Anywhere                  
993/udp                    ALLOW       Anywhere                  
587/tcp                    ALLOW       Anywhere                  
587/udp                    ALLOW       Anywhere                  
Anywhere                   DENY        193.46.254.0/23           
Anywhere                   DENY        81.30.107.0/24            
Anywhere                   DENY        45.146.130.0/24           
Anywhere                   DENY        81.30.107.0/25            
Anywhere                   DENY        81.30.107.40              
Anywhere                   DENY        81.30.107.24              
Anywhere                   DENY        81.30.107.185             
Anywhere                   DENY        81.30.107.168             
Anywhere                   DENY        81.30.107.90

Anywhere                   DENY FWD    45.146.130.0/24
Anywhere                   DENY FWD    81.30.107.0/24
Anywhere                   DENY FWD    193.46.254.0/23

My logs:

2025-05-03T22:41:00.753468+00:00 mail2 postfix/smtpd[183023]: disconnect from azpdsg492br4.stretchoid.com[40.124.173.185] commands=0/0
2025-05-03T22:41:32.761073+00:00 mail2 postfix/smtps/smtpd[180506]: connect from unknown[81.30.107.185]
2025-05-03T22:41:50.494354+00:00 mail2 postfix/smtps/smtpd[180506]: warning: unknown[81.30.107.185]: SASL LOGIN authentication failed: (reason unavailable), sasl_username=terms
2025-05-03T22:41:53.690926+00:00 mail2 postfix/smtps/smtpd[180506]: lost connection after AUTH from unknown[81.30.107.185]
2025-05-03T22:41:53.691023+00:00 mail2 postfix/smtps/smtpd[180506]: disconnect from unknown[81.30.107.185] ehlo=1 auth=0/1 rset=1 commands=2/3
2025-05-03T22:41:55.294642+00:00 mail2 postfix/smtps/smtpd[176868]: connect from unknown[81.30.107.201]
2025-05-03T22:41:57.365304+00:00 mail2 postfix/smtps/smtpd[180506]: connect from unknown[45.146.130.98]

What can I do now?

Greg Askew
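
Added example, not part of the original question: ufw evaluates its rules in the listed order and the first match wins, so this Python code replays a subset of the status rows above against the source addresses in the log to show which rule each connection hits. It assumes the `smtps` service listens on 465/tcp and that the status listing reflects evaluation order; the function names are illustrative.

```python
import ipaddress
import re

# Constructed sample: a subset of the status rows and the connect lines from the question.
STATUS = """\
39000:40000/tcp            ALLOW       Anywhere
25/tcp                     ALLOW       Anywhere
465/tcp                    ALLOW       Anywhere
Anywhere                   DENY        81.30.107.0/24
Anywhere                   DENY        45.146.130.0/24
Anywhere                   DENY        81.30.107.185
Anywhere                   DENY FWD    45.146.130.0/24
"""
LOG = """\
mail2 postfix/smtps/smtpd[180506]: connect from unknown[81.30.107.185]
mail2 postfix/smtps/smtpd[176868]: connect from unknown[81.30.107.201]
mail2 postfix/smtps/smtpd[180506]: connect from unknown[45.146.130.98]
"""

def parse_rules(status_text):
    """Return (number, port_lo, port_hi, proto, action, source_net) in listed order."""
    rules = []
    for row in status_text.splitlines():
        cols = row.split()
        if len(cols) != 3:  # skips "DENY FWD" rows: route rules cover forwarded traffic
            continue
        to, action, src = cols
        lo, hi, proto = "0", "65535", None  # "Anywhere": any port, any protocol
        if to != "Anywhere":
            ports, proto = to.split("/")
            lo, _, hi = ports.partition(":")
        net = ipaddress.ip_network("0.0.0.0/0" if src == "Anywhere" else src)
        rules.append((len(rules) + 1, int(lo), int(hi or lo), proto, action, net))
    return rules

def first_match(rules, src_ip, port, proto="tcp"):  # first matching rule decides
    ip = ipaddress.ip_address(src_ip)
    for num, lo, hi, rproto, action, net in rules:
        if lo <= port <= hi and rproto in (None, proto) and ip in net:
            return num, action
    return None, "default policy"

def deny_first(status_text):  # same rows, every DENY moved above the ALLOWs (stable sort)
    return "\n".join(sorted(status_text.splitlines(), key=lambda r: " DENY " not in r))

def verdicts(status_text, log_text, port=465):  # 465/tcp for smtps is an assumption
    rules = parse_rules(status_text)
    ips = re.findall(r"smtps/smtpd\[\d+\]: connect from \S*?\[([\d.]+)\]", log_text)
    return {ip: first_match(rules, ip, port) for ip in ips}
```

`verdicts(STATUS, LOG)` reports every logged source matching the `465/tcp ALLOW` row, while `verdicts(deny_first(STATUS), LOG)` shows the same sources hitting a DENY once those rows come first. On a live host, `ufw status numbered` prints the actual positions and `ufw insert 1 deny from <range>` places a rule at the top.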