OT: Blocking persistent spammers using IPTables?
Michael Masse
mrm at medicine.wisc.edu
Wed Apr 28 19:02:49 IST 2010
>>> On 4/28/2010 at 12:27 PM, in message
<7C62BFED4DC0CE488F93865D83A61E64020B4872 at sprocket.columbiafuels.com>, "Philip
Parsons" <pparsons at columbiafuels.com> wrote:
> If you are using MailScanner you should look into a program called Vispan.
> IT scans the maillog and compiles lists of ips to automatically block
> according to whatever criteria you put in place. The good thing is that it
> releases the ip after 5 days as most spammers are using DHCP, but if the same
> machines starts to spam again it then blocks it for 10 days and so for and so
> long. Also has a nice little web based stats page.
>
I second this. I've been using VISpan for a long time and it works well at blocking persistent spammer IP's. It blocks at the MTA level and not the network level, but since we're talking about a software firewall (IPTables) my guess is that the difference between the two in cpu utilization and network traffic is negligible even on very busy systems.
-Mike
More information about the MailScanner
mailing list