Re: [exim] Using GeoIP to block spammers - anyone?

Fri, 23 Jun 2006 09:38:36 -0700 

* On 23/06/06 09:57 -0400, Chris Meadors wrote:
| On Fri, 2006-06-23 at 16:18 +0300, Odhiambo G. Washington wrote:
| 
| > | Your customers use this server for relaying? Then you probably identify 
| > | them by SMTP AUTH or fixed IPs. That should give you the facility to 
| > | block unauthorized senders.
| > 
| > Yes and yes. I already do that. However, it has not stopped spammers 
| > from connecting to it, which is why I am looking at this other option.
| > 
| > Kindly give me the idea in your mind, how I can block the spammers,
| > without knowing their IP address before hand.
| 
| Even using a DNS blacklist the spammers will still connect to your
| server.  It will actually cause you more overhead as you'll have to do a
| DNS check for each incoming connection.
| 
| If the spammers are just connecting and then being refused relay, after
| they do not AUTH or originate from a know IP.  Then you already are
| consuming the least resources over any additional checks you can perform
| within Exim.
| 
| They only way you could get less is to block the connections from ever
| reach Exim.  Like with a firewall.  But that would require you to know
| all the IP addresses that will ever be allowed to reach you machine to
| white list them.


I agree with you. Now tell me how much overheard this would add, if I 
knew _all_ the IPs that are geographically in Kenya (via GeoIP):


check_connect:
        drop !hosts = cdb;/path/to/db/with/all_KE-IPs
accept


(or the reversing thereof, of this rule).




        cheers
       - wash 
+----------------------------------+-----------------------------------------+
Odhiambo Washington                     . WANANCHI ONLINE LTD (Nairobi, KE)  |
wash () WANANCHI ! com                  . 1ere Etage, Loita Hse, Loita St.,  |
GSM: (+254) 722 743 223                 . # 10286, 00100 NAIROBI             |
GSM: (+254) 733 744 121                 . (+254) 020 313 985 - 9             |
+---------------------------------+------------------------------------------+
"Oh My God! They killed init! You Bastards!"  
                                                 --from a /. post

-- 
## List details at http://www.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://www.exim.org/eximwiki/

Reply via email to