My recently installed Postfix works as I'd hoped; I moved it into full production as our corporate server yesterday.
There's one annoyance, and I admit that's all it is, that I'd like to get rid of. *Noisy* pests. They irritate me. I'm interested in what others do in similar circumstances.

My 'smtpd_recipient_restrictions' includes checks against DNSBLs, e.g. spamhaus. The typical log pattern for a successful block is 5-10 of these:

    May 2 08:13:26 liam postfix/smtpd[17563]: NOQUEUE: reject: RCPT from 206.pool85-50-110.dynamic.orange.es[85.50.110.206]: 554 5.7.1 Service unavailable; Client host [85.50.110.206] blocked using zen.spamhaus.org; http://www.spamhaus.org/query/bl?ip=85.50.110.206; from=<hyphenates...@financial-tracking.com> to=<....@......> proto=ESMTP helo=<livebox>

within 5 minutes, then another round or few every 4-12 hours for a couple of days. I'll end up with 10-100 log entries effectively documenting the fact that each pest is a pest.

Postfix does what it's supposed to, and blocks them. I'd like to do two things:

(1) limit log entries for these items with a logical condition: If this connection rejection has been previously attempted and rejected more than Z times within the last YY minutes, then reject as usual, but do not bother to log for the next XXXX minutes. Just reject silently.

(2) communicate with a firewall on another box to act according to similar logic: If a connection attempt has been made and rejected more than ZZ times within the last YYYY minutes, then add the offending IP to an IPTABLES firewall rule on another box.

I suspect (1) is doable in Postfix configuration, but I haven't noticed the right parameter yet. Is it 'in' Postfix?

For (2) I've started looking at Fail2Ban. Seems like it might work. Is there something more native to Postfix that's available? Or a better recommendation?

--
Thanks,
Karen
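The threshold condition in (2) above, "rejected more than ZZ times within the last YYYY minutes", written out as a sliding-window count over smtpd reject lines. This is an added example, not part of the original post and not Postfix or Fail2Ban code; the function names, the thresholds, the assumed year (classic syslog timestamps have none) and the sample lines are all constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Matches smtpd DNSBL reject lines in the format quoted in the post.
REJECT_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s+\d\d:\d\d:\d\d)\s+\S+\s+postfix/smtpd\[\d+\]:\s+"
    r"NOQUEUE: reject: RCPT from \S+\[(?P<ip>[0-9a-fA-F.:]+)\]:\s+554\s.*blocked using"
)

def parse_reject(line, year):
    """Return (timestamp, client_ip) for a DNSBL reject line, else None."""
    m = REJECT_RE.match(line)
    if not m:
        return None
    # Classic syslog timestamps carry no year, so the caller supplies one.
    return datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S"), m["ip"]

def offenders(lines, max_rejects, window, year=2024):
    """Map each IP to the time it first exceeded max_rejects within window."""
    recent = defaultdict(deque)   # per-IP reject times still inside the window
    flagged = {}
    for line in lines:
        parsed = parse_reject(line, year)
        if parsed is None:
            continue
        ts, ip = parsed
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > window:     # drop rejects older than the window
            q.popleft()
        if len(q) > max_rejects and ip not in flagged:
            flagged[ip] = ts
    return flagged

# Constructed sample lines (documentation IP ranges), modelled on the post's log entry.
_LINE = ("May  2 08:13:{s:02d} mx postfix/smtpd[17563]: NOQUEUE: reject: RCPT from "
         "unknown[{ip}]: 554 5.7.1 Service unavailable; Client host [{ip}] blocked "
         "using zen.spamhaus.org; from=<a@example.com> to=<b@example.org> "
         "proto=ESMTP helo=<livebox>")
SAMPLE = [_LINE.format(s=s, ip="192.0.2.10") for s in (26, 31, 40, 52)]
SAMPLE.append(_LINE.format(s=45, ip="198.51.100.7"))
SAMPLE.append("May  2 08:14:00 mx postfix/smtpd[17563]: connect from unknown[203.0.113.5]")

if __name__ == "__main__":
    for ip, when in offenders(SAMPLE, 3, timedelta(minutes=5)).items():
        print(f"{when:%b %d %H:%M:%S} {ip} exceeded threshold")
```

Here `max_rejects` and `window` stand in for ZZ and YYYY; what is done with a flagged address, such as a firewall rule on another host, is left to the caller.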