I've often wanted to do this kind of thing, but my understanding is that proxies and spoofing IPs make selectively blocking bad IPs questionable -- a lot of experienced sysadmins seem to avoid it, whether for ssh or apache or whatever. I dunno, maybe it would work better here for some reason, but the general concern is that legitimate users are likely to get blocked too.
jesse On Jun 20, 2006, at 01:16, [EMAIL PROTECTED] wrote: > > > Hello all, > > > > I have an idea that might help tp reduce the number of incoming > spams. it would also reduce the load of the mail server / > spamassassin / virus scanner since most of the spams would not even > reach the mail server. > > > > Since I'm not a perl expert, I hope someone likes the idea and > implement it. > > > > idea: > > > > The script would scan the QS log for mails, getting large hit [more > than 15.0-20.0 points] > > If a host sends more than X mails with large hits within a given > time window, the script would put the host onto the tcpserver's > deny list with timestamp for Y hours. > > This script has to have whitelist as well. > > > > Who knows, later it could be a part of the QS package. > > > > What do you think? > > > > Gabor > > _______________________________________________ > Qmail-scanner-general mailing list > Qmail-scanner-general@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general _______________________________________________ Qmail-scanner-general mailing list Qmail-scanner-general@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general
