On Sun, 30 Nov 2003, Len Conrad wrote: |->>|-> reject_unknown_sender_domain, |->>|-> reject_unknown_recipient_domain, |->> |->> bad_ip.map, <<<<<<<<--------- This is what I was thinking and |->>putting the IP in there with a REJECT |-> |->The IMGate name for this file is the self-documenting mta_clients_bw.map, |->which you should have received with the basic IMGate files. It comes after |->reject_unauth_destination since whitelisting before |->reject_unauth_destination makes IMGate an open relay. if you want to
I'll have to go back over my last IMGate files that I recieved and look at them. |->blacklisting an ip in your networks, you have to add another file, |->mta_clients_black.map and put it before permit_mynetworks Thats exactly what I was going to do but I was going to call it bad_ip.map and have that file before permit_mynetworks. I was following thats its a first match, that if Postfix got to bad_ip.map (mta_clients_black.map) and there was an IP of ours with a REJECT it would be stopped at that point and at least the mail would not even be queued. Least thats what hope anyway. Next time it happens (and it will happen I'm sure) I'll try that and see if it helps. Thanks, Keith
