I have hMailServer set up on my windows server 2008 machine.
I just started noticing in the logs that there are a lot of entries related to people trying to send external to external mails (obv spam?) through my machine.
I've not set the server to allow ext 2 ext mail delivery. It did look like it was all coming from one ip range but now it's from all over - is there anything I can do to stop this?
The ip ranges seem to be in the same range but it's only the first byte that's the same - it comes from 2 ranges by the looks of it - i'm not at my server but it looked like 114...* and 214...*
Might be wrong with those but you get my meaning. I was looking at using IP Security Manager to stop those IPs even hitting the mail server
is that advisable? being that they are such huge ranges?
If it is advisable - how do you specify a range in the ip security snap in?
Honestly; if you’re not allowing it on your side, then I wouldn't worry too much about it. Being a corporate environment, we see this all the time. The best advice I could give you for this issue is to keep current with updates. If you block a range of IPs and one of those happens to be important down the road, you might hurt yourself more then just blocking an annoyance.
If you have mail incoming on these servers blocking, IP ranges that big is not a good idea.
The attempts should not burn much bandwidth as they should be blocked before the message is actually transmitted.
Consider using spamhaus.org blacklist, that should cut out most of these attempts.