Here is a list of all abuse ports blocked. This host has unlimited bandwidth like 3,000 TIB per month/ VPS. So if possible I would like to stay here. They are fine with torrents abuse but not malware distribution emails… I am running an exit relays.
If you see anything wrong please let me know. The server is 100% secure. Not my first time but its my first time for this host. Next time, I lose my money on a vps I paid for 1 year.
Has anyone else gotten these emails and if so what ports do I need to block. Thank You.
"i received this email abuse.
Please do not need to contact us (we cannot handle the entire volume of requests humanely, we are a non-commercial project). We send alerts of what we detect to the various suppliers and these are generated automatically.
If you are unable to deal with this alert for which you are responsible at the time, please simply ignore our email. If you are dealing with this alert, thank you very much for your pugnacity.
If you have dealt with these security incidents, you can inform us by clicking on the links available in the alerts you have received by our system (called “close link”. By clicking on these links, you confirm to us that you have closed this incident and that we can propose the removal of this URL from our databases.
Issue #1
Domain name: ip
IP Address: ip
URL: hxxp://ip
Timestamp: Mon, 19 Sep 2022
Threat: Malicious:URL"
Abuse Ports Blocked:
What ports am I missing?
ExitPolicy accept *:20-21 # FTP - File Transfer Protocol (data / control)
#ExitPolicy accept *:22 # SSH - Secure Shell, secure logins, file transfer (potential ABUSE - common port scan attacks map.norsecor>
#ExitPolicy accept *:23 # Telnet - protocol-unencrypted text communications (potential ABUSE - common port scan attacks map.norseco>
ExitPolicy accept *:43 # WHOIS - who is query and response protocol
ExitPolicy accept *:53 # DNS - Domain Name System
ExitPolicy accept *:79 # finger - Name/Finger user information protocol
ExitPolicy accept *:80-81 # HTTP - Hypertext Transfer Protocol / web browsing
ExitPolicy accept *:88 # kerberos - computer network authentication protocol
ExitPolicy accept *:110 # POP3 - Post Office Protocol v3 (receive email only)
ExitPolicy accept *:143 # IMAP - Internet Message Access Protocol, management of email messages (receive email only)
#ExitPolicy accept *:194 # IRC - Internet Relay Chat (REJECT to AVOID Tor DNSBL - www.sectoor.de/tor.php#en-listpolicy)
ExitPolicy accept *:220 # IMAP3 - Internet Message Access Protocol v3 (receive email only)
ExitPolicy accept *:389 # LDAP - Lightweight Directory Access Protocol
ExitPolicy accept *:443 # HTTPS - Hypertext Transfer Protocol over TLS/SSL / secure web browsing
ExitPolicy accept *:464 # kpasswd - Kerberos Change/Set password
#ExitPolicy accept *:465 # URD for SSM / email SUBMISSION (REJECT to AVOID Tor DNSBL - www.sectoor.de/tor.php#en-listpolicy)
ExitPolicy accept *:531 # IRC/AIM - AOL Instant Messenger
ExitPolicy accept *:543-544 # Kerberos - klogin, Kerberos login / kshell, Kerberos Remote shell
ExitPolicy accept *:554 # RTSP - Real Time Streaming Protocol
#ExitPolicy accept *:563 # NNTP over SSL - Network News Transfer Protocol - (How can we help? | Tor Project | Support)
#ExitPolicy accept *:587 # SMTP - email SUBMISSION (REJECT to AVOID Tor DNSBL - www.sectoor.de/tor.php#en-listpolicy)
ExitPolicy accept *:636 # LDAP - Lightweight Directory Access Protocol over TLS/SSL
ExitPolicy accept *:706 # SILC - Secure Internet Live Conferencing
ExitPolicy accept *:749 # kerberos - protocol administration
ExitPolicy accept *:873 # rsync - file synchronization protocol
ExitPolicy accept *:902-904 # VMware - Virtual Infrastructure Client / Console / Server
ExitPolicy accept *:981 # Remote HTTPS management for firewall
ExitPolicy accept *:989-990 # FTP over TLS/SSL - File Transfer Protocol (data / control)
ExitPolicy accept *:991 # Netnews Administration System
ExitPolicy accept *:992 # Telnet protocol over TLS/SSL
ExitPolicy accept *:993 # IMAP over SSL - Internet Message Access Protocol over TLS/SSL (receive email only)
#ExitPolicy accept *:994 # IRCS - Internet Relay Chat SSL (REJECT to AVOID Tor DNSBL - www.sectoor.de/tor.php#en-listpolicy)
ExitPolicy accept *:995 # POP3 over SSL - Post Office Protocol v3 (receive email only)
ExitPolicy accept *:1194 # OpenVPN - Virtual Private Network
ExitPolicy accept *:1220 # QT Server Admin - QuickTime Streaming Server administration
ExitPolicy accept *:1293 # PKT-KRB-IPSec - Internet Protocol Security
ExitPolicy accept *:1500 # VLSI License Manager - Firewall (NT4-based) Remote Management / Server
ExitPolicy accept *:1533 # Sametime - IM—Virtual Places Chat MS SQL Server
ExitPolicy accept *:1677 # GroupWise - clients in client/server access mode
ExitPolicy accept *:1723 # PPTP - Point-to-Point Tunneling Protocol
ExitPolicy accept *:1755 # RTSP - Media Services (MMS, ms-streaming)
ExitPolicy accept *:1863 # MSNP - MS Notification Protocol, MS Messenger service / Instant Messaging clients
ExitPolicy accept *:2082 # Infowave Mobility Server and CPanel default
ExitPolicy accept *:2083 # Secure Radius Service (radsec) and CPanel default SSL
ExitPolicy accept *:2086-2087 # GNUnet, ELI - Web Host Manager default and Web Host Manager default SSL
ExitPolicy accept *:2095-2096 # NBX - CPanel default web mail and CPanel default SSL web mail
ExitPolicy accept *:2102-2104 # Zephyr - Project Athena Notification Service server / connection / host manager
#ExitPolicy accept *:3128 # SQUID - Web caches / client connection software - (potential ABUSE - common port scan attacks map.norseco>
#ExitPolicy accept *:3389 # MS WBT - Microsoft Terminal Server (RDP) - (potential ABUSE - common port scan attacks map.norsecorp.com)
ExitPolicy accept *:3690 # SVN - Subversion version control system
ExitPolicy accept *:4321 # RWHOIS - Referral Who is Protocol
ExitPolicy accept *:4643 # Virtuozzo
ExitPolicy accept *:5050 # MMCC - Yahoo! Messenger
ExitPolicy accept *:5190 # ICQ and AOL Instant Messenger
ExitPolicy accept *:5222-5223 # XMPP, XMPP over SSL - Extensible Messaging and Presence Protocol client connection
ExitPolicy accept *:5228 # Android Market - Google Play, Android Cloud, Google Cloud Messaging / HP Virtual Room Service
#ExitPolicy accept *:5900 # VNC - Virtual Network Computing (RDP) - (potential ABUSE - common port scan attacks map.norsecorp.com)
#ExitPolicy accept *:6660-6669 # IRC - Internet Relay Chat - (REJECT to AVOID Tor DNSBL - www.sectoor.de/tor.php#en-listpolicy)
#ExitPolicy accept *:6679 # IRC SSL - (REJECT to AVOID Tor DNSBL - www.sectoor.de/tor.php#en-listpolicy)
#ExitPolicy accept *:6697 # IRC SSL - (REJECT to AVOID Tor DNSBL - www.sectoor.de/tor.php#en-listpolicy)
#ExitPolicy accept *:8000 # iRDMI - often used instead of port 8080 - (REJECT to AVOID Tor DNSBL - www.sectoor.de/tor.php#en-listpoli>
ExitPolicy accept *:8008 # HTTP alternate / Server administration default
ExitPolicy accept *:8074 # Gadu-Gadu - instant messaging client
#ExitPolicy accept *:8080 # HTTP Proxies - Web proxy and caching server - (potential ABUSE - common port scan attacks map.norsecorp.c>
ExitPolicy accept *:8082 # HTTPS Electrum Bitcoin port
ExitPolicy accept *:8087-8088 # Simplify Media SPP Protocol, Radan HTTP - Control Panel
ExitPolicy accept *:8232-8233 # Zcash
ExitPolicy accept *:8332-8333 # Bitcoin
ExitPolicy accept *:8443 # PCsync HTTPS - Plesk Control Panel, Apache Tomcat SSL
ExitPolicy accept *:8888 # HTTP Proxies, NewsEDGE - HyperVM, Freenet, MAMP Server
ExitPolicy accept *:9418 # git - Git pack transfer service
#ExitPolicy accept *:9999 # distinct - Telnet control - (REJECT to AVOID Tor DNSBL - www.sectoor.de/tor.php#en-listpolicy)
ExitPolicy accept *:10000 # Network Data Management Protocol - Webmin, Web-based Unix/Linux system administration tool
ExitPolicy accept *:11371 # OpenPGP hkp (http keyserver protocol)
ExitPolicy accept *:19294 # Google Voice TCP - Voice and Video connections
ExitPolicy accept *:19638 # Ensim control panel
ExitPolicy accept *:50002 # Electrum Bitcoin SSL
ExitPolicy accept *:64738 # Mumble - voice over IP
ExitPolicy reject :
ExitRelay 1