OT: Blocking persistent spammers using IPTables?

Michael Masse mrm at medicine.wisc.edu
Wed Apr 28 19:02:49 IST 2010

>>> On 4/28/2010 at 12:27 PM, in message
<7C62BFED4DC0CE488F93865D83A61E64020B4872 at sprocket.columbiafuels.com>, "Philip
Parsons" <pparsons at columbiafuels.com> wrote:
> If you are using MailScanner you should look into a program called Vispan.  
> IT scans the maillog and compiles lists of ips to automatically block 
> according to whatever criteria you put in place.  The good thing is that it 
> releases the ip after 5 days as most spammers are using DHCP, but if the same 
> machines starts to spam again it then blocks it for 10 days and so for and so 
> long.  Also has a nice little web based stats page.

I second this.   I've been using VISpan for a long time and it works well at blocking persistent spammer IP's.   It blocks at the MTA level and not the network level, but since we're talking about a software firewall (IPTables) my guess is that the difference between the two in cpu utilization and network traffic is negligible even on very busy systems.


More information about the MailScanner mailing list