OT: Blocking persistent spammers using IPTables?
Vincent Verhagen
vincent at zijnemail.nl
Wed Apr 28 08:09:34 IST 2010
Don't see a big issue there. As long as you pick the number of
transgressions relatively high and your expiry time reasonable. I've been
thinking about this for a while, but don't do it because it would mess up
the statistics I provide for management to "prove the need for funding".
I am doing this for ssh and pop3/imap, using SEC to auto-create iptables
rules, to stop brute force attacks.
On Tue, 27 Apr 2010 20:22:08 +0100,
Jason Ede wrote:
We're debating blocking (using IPTables) IP's that
register more than a set number of rejections (554 from spamhaus and other
blacklists or persistently try random address at domain). Before we actually
implement this I'm wondering if there can be any problems with this method?
It will only be used for IP's that try to connect a significant number of
times and we'll have an expiry on each IP so the blocklist doesn't keep
growing indefinitely.
Jason
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20100428/1e04d57e/attachment.html
More information about the MailScanner
mailing list