On 22 Aug 2013, at 21:28 , Stan Hoeppner s...@hardwarefreak.com wrote:
~$ wget http://ipdeny.com/ipblocks/data/countries/us.zone
~$ sed 's/$/ OK/g' us.zone us.cidr
~$ cp us.cidr /etc/postfix
~$ postfix reload
and you're off to the races.
Interesting idea. I'm in much the same boat.
On 8/24/2013 1:18 PM, LuKreme wrote:
On 22 Aug 2013, at 21:28 , Stan Hoeppner s...@hardwarefreak.com wrote:
~$ wget http://ipdeny.com/ipblocks/data/countries/us.zone
~$ sed 's/$/ OK/g' us.zone us.cidr
~$ cp us.cidr /etc/postfix
~$ postfix reload
and you're off to the races.
On 8/24/2013 3:52 PM, Stan Hoeppner wrote:
On 8/24/2013 1:18 PM, LuKreme wrote:
On 22 Aug 2013, at 21:28 , Stan Hoeppner s...@hardwarefreak.com wrote:
~$ wget http://ipdeny.com/ipblocks/data/countries/us.zone
~$ sed 's/$/ OK/g' us.zone us.cidr
~$ cp us.cidr /etc/postfix
~$ postfix
On 08/22/2013 01:51 PM, Charles Marcus wrote:
[snip]
The simple fact is, we do not have any users based *anywhere* but the
US, so, is what is the simplest way to block any/all non-US based client
connections on my submission port?
[snip]
Hi,
Sometimes it seems like a good solution to
On 08/23/2013 12:47 PM, Mikael Bak wrote:
[snip]
In fact it's not a good idea at all IMO.
People do travel and they need to read and write email while they are
abroad.
Laptop and/or smartphone users will not like your new restriction policy
when they try to get some work done while visiting a
Hi all,
This isn't about spam, this is about blocking obvious attempts to
hack/connect to my submission port.
I know and understand the argument against just blanket blocking hosts
based on the country of origin, but I've recently been seeing random
connections on my submission port from
On 22 Aug 2013 13:52, Charles Marcus cmar...@media-brokers.com wrote:
Hi all,
This isn't about spam, this is about blocking obvious attempts to
hack/connect to my submission port.
I know and understand the argument against just blanket blocking hosts
based on the country of origin, but I've
On 2013-08-22 8:03 AM, Simon B simon.buongio...@gmail.com wrote:
Surely the simplest solution is fail2ban with the false attempts in x
minutes resulting in a 20 minute ban?
No for two reasons...
1. Again, we have ZERO users who are outside the US, so why allow
connections at all?
and
Am 22.08.2013 14:23, schrieb Charles Marcus:
Now to figure out how to log these firewall rejections to a separate log
file, so I can see them if/when someone
complains about not being able to connect
nothing easier than that
* the first rule logs with rate-control to avoid self-DOS
* the
On 8/22/2013 6:51 AM, Charles Marcus wrote:
The simple fact is, we do not have any users based *anywhere* but the
US, so, is what is the simplest way to block any/all non-US based client
connections on my submission port?
Use the us.zone ipdeny file to build a CIDR table to accept any US
On 8/22/2013 9:57 AM, Stan Hoeppner wrote:
On 8/22/2013 6:51 AM, Charles Marcus wrote:
The simple fact is, we do not have any users based *anywhere* but the
US, so, is what is the simplest way to block any/all non-US based client
connections on my submission port?
Use the us.zone ipdeny
11 matches
Mail list logo