ok, i think i figured this out. in inetd.conf, i modified the smtp line to read:
smtp stream tcp nowait mail /usr/sbin/tcpd /usr/sbin/exim -bs whenever spam arrives, i simply drop the offending host in /etc/hosts.deny. the reason for this is it seems nicer to reject spam, rather than ignore it (as you would with a procmail filter). that way, the spammers know that you're not listening to them. by filtering, they never know the difference. anyway, the only tweak i think i need to make is with logcheck: Nov 30 11:25:24 exim[7763]: connect from murphy.debian.org Nov 30 11:26:34 exim[7776]: connect from murphy.debian.org Nov 30 11:27:19 exim[7787]: connect from foobar.math.fu-berlin.de Nov 30 11:29:43 exim[7804]: connect from murphy.debian.org Nov 30 11:32:45 exim[7811]: connect from murphy.debian.org Nov 30 11:36:28 exim[7822]: connect from murphy.debian.org Nov 30 11:41:01 exim[7846]: connect from dcn251-11.dcn.davis.ca.us Nov 30 11:51:49 exim[7870]: connect from ig25.optinrewards.com Nov 30 11:56:11 exim[7985]: refused connect from femail8.sdc1.sfba.home.com the wrapper reports each mail connect (and reject). if anything, i'm only interested in what sessions get rejected. other than this, i think this works... pete -- PGP Fingerprint: B9F1 6CF3 47C4 7CD8 D33E 70A9 A3B9 1945 67EA 951D PGP Public Key: finger [EMAIL PROTECTED] _______________________________________________ vox-tech mailing list [EMAIL PROTECTED] http://lists.lugod.org/mailman/listinfo/vox-tech
