On Fri, Sep 27, 2002 at 11:46:15PM +0800, Pablo Manalastas wrote:
> But we already have the technology -- namely "BAD-BOYS-BIND" -- the
> DNS, modified to handle/store a database of bad-boys (and girls).

I'm familiar with DNS-based RBLs, and getting most modern MTAs to use them is trivial, so having a local RBL on top of the common free ones might be cool. I believe the problem Orly faces, however, is these really nasty people locking up his smtpds with SYNs. So he wants to block them out completely (not just from SMTP) using IPTables.

Aside from wondering what kind of an impact a massive set of rules (Orly's current figure is 2000+) will have on our systems, I wonder if it's possible to extend this to have multiple systems syncing with each other or a central IP repository, updating each set of IPTables rules to block the addresses.

And then of course there's the "do we want to do that" question...

 --> Jijo

-- 
Federico Sevilla III : http://jijo.free.net.ph
Network Administrator : The Leather Collection, Inc.
GnuPG Key ID : 0x93B746BE

Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
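
Added example, not part of the original message or of any code from the list: one way a host could turn a block list pulled from a central repository into input for `iptables-restore`, validating each entry and collapsing adjacent addresses to keep the rule count down. The chain name `BADBOYS`, the one-entry-per-line list format, the never-block ranges and the /16 minimum prefix are all assumptions made for the example.

```python
import ipaddress

CHAIN = "BADBOYS"  # hypothetical chain name; hook it once: iptables -I INPUT -j BADBOYS

# Ranges that must never be blocked, whatever the shared list says (assumed policy).
NEVER_BLOCK = [ipaddress.ip_network(n) for n in ("127.0.0.0/8", "10.0.0.0/8")]
MIN_PREFIX = 16    # refuse overly broad entries such as 0.0.0.0/0 (assumed policy)

def parse_blocklist(text):
    """Return (collapsed IPv4 networks, rejected raw lines) from list text."""
    nets, rejected = [], []
    for raw in text.splitlines():
        entry = raw.split("#", 1)[0].strip()   # drop comments and whitespace
        if not entry:
            continue
        try:
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError:                     # not an address or CIDR at all
            rejected.append(raw)
            continue
        if (net.version != 4 or net.prefixlen < MIN_PREFIX
                or any(net.overlaps(p) for p in NEVER_BLOCK)):
            rejected.append(raw)               # a bad sync must not lock us out
            continue
        nets.append(net)
    # Merge duplicates and adjacent ranges so fewer rules are generated.
    return list(ipaddress.collapse_addresses(nets)), rejected

def render_restore(nets):
    """Build iptables-restore input that rebuilds only the CHAIN chain.

    Load it with: iptables-restore --noflush < file
    Declaring the chain flushes it; the rest of the filter table is kept.
    """
    lines = ["*filter", f":{CHAIN} - [0:0]"]
    lines += [f"-A {CHAIN} -s {n} -j DROP" for n in nets]
    lines.append("COMMIT")
    return "\n".join(lines) + "\n"

# Constructed sample list (documentation address ranges, not real offenders).
SAMPLE = """\
192.0.2.10
192.0.2.11
198.51.100.0/25
198.51.100.128/25
203.0.113.7      # constructed entry
10.1.2.3
0.0.0.0/0
not-an-ip
"""

if __name__ == "__main__":
    networks, bad = parse_blocklist(SAMPLE)
    print(render_restore(networks), end="")
    print(f"# rejected {len(bad)} entries: {bad}")
```

Because every host renders the same list into its own chain and reloads that chain in one `iptables-restore` call, a sync replaces the whole set at once instead of editing thousands of rules one by one.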
