On Sunday 29 July 2007, Patrick Shanahan wrote: > * Richard Creighton <[EMAIL PROTECTED]> [07-29-07 15:46]: > > I don't think he wants to block off the public, just someone he has > > detected abusing. > > exactly and I am presently using fail2ban to block: > > [postfix-tcpwrapper] > > enabled = true > filter = postfix > action = hostsdeny[file=/etc/hosts.deny] > mail[name=Postfix, [EMAIL PROTECTED] > logpath = /var/log/mail > bantime = 300 > > which places 554 rejection ip into /etc/hosts.deny, but the firewall > action denying rogue ssh attempts is cleaner, requires less resources > and sees the ip sooner. > > is this correct: > FW_SERVICES_ACCEPT_EXT="0/0,tcp,25,,hitcount=3,blockseconds=120
A better way to do this is with Postfix Anvil. Its already designed into postfix, so why re-invent the wheel? It does it in the proper way. -- _____________________________________ John Andersen
pgpLtXaE6XjbP.pgp
Description: PGP signature
