using Vispan with MailScanner

Alex Neuman van der Hans alex at
Thu Dec 7 00:24:34 GMT 2006

YMMV. Check your logs for a few months/weeks back, grep for IP 
addresses, then "sort -u" the list, and look for major ISP IPs. 
Whitelist those.

You can also use mailwatch to see who your biggest senders/receivers 
are, then find out what their MX's are and whitelist them as well.

As long as the iptables command is -A DROP or -A REJECT and you've -I 
ACCEPT'ed (meaning they'll go to the top of the table and override), you 
should be all set.

.. that's what I think I'd do in that situation.

Michele Neylon :: Blacknight wrote:
> Brad Beckenhauer wrote:
>> Using Postfix and Vispan.
>> I block it at the firewall.  Keeps the log file size down and iptable
>> dropped connections to not get reflected in the in the graphs.
> Surely that's a bit dangerous?
> What if a major ISP's SMTP is being abused?

More information about the MailScanner mailing list