Search the Community

Today a strange new customer ordered and purchased an unmanaged VPS with 5 IPs from me. Upon further investigation, the user’s order and ID where problematic, as they had been flagged as fraudulent by Maxmind (and by a few hosting companies as well). Since there is nothing wrong with selling a VPS to anyone, but obliging him/them to a specific SLA and AUP, we can use iptables of the node in order to limit any kind of malevolent behavior and spamming, thus securing our remaining IP addresses from being blacklisted by major spam-listing organisations. IPtables can be configured in the following way: iptables -A FORWARD -o eth0 -p tcp -s 10.1.1.1 --dport 25 -m limit --limit 3/minute -m state --state NEW -j ACCEPT iptables -A FORWARD -o eth0 -p tcp -s 10.1.1.1 --dport 25 -m state --state NEW -j LOG iptables -A FORWARD -o eth0 -p tcp -s 10.1.1.1 --dport 25 -m state --state NEW -j DROP # Limit outgoing mail to 5/hour, plus log and drop anyt surplusing mail. This way we won't cause loss of mail (mailserver will queue/spool and retry), but it will prevent spammers causing too much trouble iptables -A FORWARD -p tcp --sport 25 --syn -m hashlimit --hashlimit-mode srcip --hashlimit-limit 5/hour --hashlimit-burst 6 -j ACCEPT iptables -A FORWARD -p tcp --sport 25 --syn -j LOG iptables -A FORWARD -p tcp --sport 25 --syn -j DROP