From: Henrik K (hegehege.li)
Date: Tue May 27 2008 - 03:51:06 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, May 27, 2008 at 10:30:56AM +0200, Michael Monnerie wrote:
>
> > I just use a simple perl-script that blocks hosts with iptables. It
> > uses File::Tail to monitor log, so blocking is done almost without
> > delays. I don't see much point in using postfix to block things,
> > since it takes more resources.
> > http://hege.li/contrib/smtp_block.pl
>
> That way you cannot even see when a host tried to send an e-mail, which
> makes looking for missing e-mails impossible. If you have a false
> positive, you cannot even look it up in mail logs. That's absolutely a
> no-go for us. Either we accept an e-mail or we reject it - on SMTP

Obviously the first try will be logged. I only add blocks because of RBL
listing or other rules that would reject. The mail would be lost anyway. You
could even reduce the block to 10 minutes to ease some hammering.

Also try to reply properly. Instead of stuffing everything to one mail, you
even replied some of my text that wasn't directed at you to 3 lists.

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]