Hello
here : CLOUDLINUX 7.5 standard [is30] v70.0.51 with CSF/LFD
due to non-stop brute-force on email-accounts, I've activated CPHulk and used the new tab "Countries Management" and did set a country to "blacklisted" : OK.
But looking at the maillog, and the LFD blocking actions on imapd failures, I still see this failures comes from the country that I blacklisted in CPHulk / Countries Management.
So I dont understand what is doing the country "blacklisting" from CPHulk : does it inhibit an IP from a country to connect to a mailservice (as I expect) or does it something else ?
I would expect that if you blacklist a country in CPHulk, then the IPs of that country could *not* access the mailservices anymore.
Or does it have as effect that they still *can* connect, but that there connection will always fail (so LFD will always endup up blocking them ?)
Thanks for clarification.
Marco
here : CLOUDLINUX 7.5 standard [is30] v70.0.51 with CSF/LFD
due to non-stop brute-force on email-accounts, I've activated CPHulk and used the new tab "Countries Management" and did set a country to "blacklisted" : OK.
But looking at the maillog, and the LFD blocking actions on imapd failures, I still see this failures comes from the country that I blacklisted in CPHulk / Countries Management.
So I dont understand what is doing the country "blacklisting" from CPHulk : does it inhibit an IP from a country to connect to a mailservice (as I expect) or does it something else ?
I would expect that if you blacklist a country in CPHulk, then the IPs of that country could *not* access the mailservices anymore.
Or does it have as effect that they still *can* connect, but that there connection will always fail (so LFD will always endup up blocking them ?)
Thanks for clarification.
Marco