On Apr 8, 2004, at 6:41 PM, Ben Kamen wrote:
Boy, as I sit here and watch the spammers try to
A: use me as a relay (same IP, multiple tries) B: scan for usernames C: try and deliver to bogus names I've used on the net
I would love to have a hook in mimedefang to auto-blackhole these IP's... kinda like the greylisting where the entry times out after a while.. but after so many misses, the IP gets null-routed...
I know there's probably ways to do this.. I'd just have to sit down and do it.. but don't have the time...
If you're running your mail server on Linux, you can actually do this fairly easily - although it is outside of MD or Sendmail. grep your maillog for repetitive instances of an ip address attempting connections to unknown users and via shell scripts put offending numbers into your iptables file with -j REJECT. Those bozos won't even get close to your mail server after that [0].
But don't you guys and gals get mad when you see some pathetic loser try and bash the doors down to your mail server??
Don't get mad, get even. Block them before they can even connect to you. This may be "Extremism" and YMMV; But for our situation at my orkplace [1], it's part of an overall solution that is working well.
-Loren
[0] Don't forget to script a restart of iptables. D'Oh! [1] We do not host mail for others. Fairly low volume: ~ 25,000 msg/day
-Loren K Louthan | tel: 818 786 2110 | AIM: LorenSRAR
-Data Communications Engineer - CRISNet Regional MLS
Government's view of the economy could be summed up in a few short phrases: If it moves, tax it. If it keeps moving, regulate it. And if it stops moving, subsidize it."
-Ronald Wilson Reagan
_______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
