"Chris" <[EMAIL PROTECTED]> wrote:
Hello there,
I was wondering if anyone has a method of blocking repeat offenders?
ie...
perhaps a certain ip address has already violated the early talker
rule, a dns rbl, or rhsbl rule. I'd like to be able to soft deny
them for a configurable amount of time.
It might also be interesting to hold them down for a longer period of
time if they continue to connect repeatedly after the soft fail.
Yup. Matt Sergeant wrote an article for O'Reilly Network last year and
in it he develops exactly that, a "repeat offender" module that watches
for repeatedly denied IP addresses and locally blacklists them, as an
example of how to write your a plugin:
It's linked on the Qpsmtpd homepage:
Articles and Documentation
Using Qpsmtpd by Matt Sergeant (O'Reilly Network article)
http://www.oreillynet.com/pub/a/sysadmin/2005/09/15/qpsmtpd.html
-dave
