Stan Hoeppner wrote, On 04/15/2010 05:16 PM:
CT put forth on 4/15/2010 4:43 PM:
I have several boxes that "check" my relay every 40 seconds to
check that the server is up.
After multiple attempts to get the number of checks reduced I would
like the know the preferred way to block specific IP addresses in Postfix.
I have no issue with checks.. but every 40 seconds is ridiculous.
To accomplish the task in Postfix, blocking only SMTP connections from those
IP addresses:
edit: /etc/postfix/main.cf
smtpd_[client/recipient]_restrictions =
...
check_client_access hash:/etc/postfix/blacklist
...
# [client/recipient] selection depends on whether you use the "everything
under smtpd_recipient_restrictions" style main.cf layout.
create: /etc/postfix/blacklist
...
1.2.3.4 REJECT
4.3.2.1 REJECT
3.2.1.4 REJECT
...
/$ postmap /etc/postfix/blacklist
/$ postfix reload
Simply eh?
<snip>
Stan...
I had ran across your suggestion in my searches but figured I would
ask to be sure I was heading down the right path...
These IP's are on my trusted subnets but I *wasn't* sure of was that if
I did create the blacklist if I also have to create a whitelist for my
"trusted subnets"
Looks like I don't..
and yes very simple.. I like simple.. since there are only
a handful of "top pollers"
and ..Exactly what I was looking for..
Syntax follow up question...
1.2.3.4 <tab> REJECT
or
1.2.3.4 <tab><tab> REJECT
Thx
charles