On Sun, 02 Mar 2003 17:45:12 -0500 Mark Weaver
<[EMAIL PROTECTED]> wrote:
> Scott St. John wrote:
> > Until I can migrate my clients over to Postfix I have been using the
> > access lists in Sendmail to block certain repeat spammers. I am
> > wondering if I could just use iptables to block them and take the load
> > off Sendmail?
> >
> > My question would be 1)Is that practical 2)Is the proper way to block
> > an entire network this:
> >
> > iptables -A INPUT -s 209.8.161.0/24 -j DROP
> >
> > I added this, however traffic from this network is still reaching my
> > mail server. I want to block EVERYTHING from that network as they are
> > sending porn mail to my clients.
> >
> > Thanks,
> >
> > -Scott
>
> Scott,
>
> this method will work, but if you want to block the entire network where
> the junk comes from then you'll have to block the entire netblock and
> not just that part of it.
>
> iptables -A INPUT -s 209.0.0.0 -j DROP
^^^^^^^^^
Mark, this is a single address... to drop the entire block, you need a
netmask:
either 209.0.0.0/8 or 209.0.0.0/255.0.0.0
> This should definately take care of things.
>
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
