Russell Nelson <[EMAIL PROTECTED]> wrote:
> I'm tired of ORBZ scanning/spamming qmail.org (they run qmail
> themselves; you'd think they would know better). Some days I get more
> spam from ORBZ than all other sources put together.
How often do they re-scan a given host? You'd think they could limit it
to once a month or something for hosts which have never been shown to
relay. Have you contacted them?
> So, I'm going to block their scans on the SMTP level from now on. If
> you want to do this too, and you've configured your system as
> explained in Dave Sill's Life with Qmail, here's what you should do:
>
> echo '205.231.149.25:deny' >>/etc/tcp.smtp
> qmailctl cdb
This is fine, provided they don't just list you in their DB for not
being able to scan you (I don't know if they do this).
Another option would be to use Bruce Guenter's mailfront package. Put
smtpfront-reject right before qmail-smtpd in your smtpd/run file, and
put the following line in tcp.smtp:
205.231.149.25:allow,SMTPREJECT="-ORBZ scans too often; go away"
They will still get an apparently normal SMTP conversation, but their
commands will be rejected with a permanent (5xx) code and the above
message.
Bruce's software is available from untroubled.org.
Charles
--
-----------------------------------------------------------------------
Charles Cazabon <[EMAIL PROTECTED]>
GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/
-----------------------------------------------------------------------
