Well, I did it last night - I wrote an event driven TCL script that
watches the mail log for sendmail's "RCPT Flood" message and then
blackholes the IP address... then, after a user specified time limit, it
will remove the blackhole automatically. Any add/delete actions are
saved in a text file in /tmp in case the system reboots or whatever...
so just run it again and it will fix itself. It's TCL - EVERYONE should
be able to make sense of it.
If anyone would like a copy... feel free to contact me off the list.
My only request if you're going to use it is not to laugh at my
programming. I'm not a programmer.. I'm a hardware guy who programs at
gunpoint. ;)
-Ben
_______________________________________________
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
