Matthew Schumacher wrote:
> If we had gone with iptables we wouldn't be able to leave our abuse, postmaster, and support addresses open, and users would be rejected without an error message explaining exactly what happened. Since rejected email only costs us one ldap and one sql lookup we will live with that since those things are really cheap compared to mimedefang and SA.

iptables blocks in this context (or whatever kernel-level firewall system is available) are for the persistent host that simply WILL NOT STOP whatever rude activity it's doing. I've only ever had to use this once, against a "freenet" server that was opening SMTP connections ~5 times a second, starting the SMTP conversation (up to the sender IIRC)... and then stalling. Repeated, increasingly unhappy emails to the system's postmaster were accepted with no apparent effect.
My final mail noted that I was dropping their server in my firewall due to persistent abuse (and included a short log extract - if I'd really been feeling annoyed that day I might have mailed the whole monster log), and that if and when they fixed their problem and contacted me (through an address handled by a different server) I would remove the entry. I removed it during a cleanup at one point about six months later and it hasn't happened again.
-kgd

