[Mimedefang] Blocking spam senders using IPTables?

Paul Murphy pmurphy at ionixpharma.com
Wed Nov 3 05:51:51 EST 2004


James,

> Seems to me this would be much better served implemented as a DNSRBL than an
> iptables solution. By using your own DNSRBL, you would have a scalable, RFC
> compliant solution that still drops the connection well before the "data" 
> phase and before any mimedefang/SA processing, if you implement the DNSRBL 
> inside your mail server software itself.

You've missed my point - RBL lists have their place, but when the sender is
badly behaved, they add nothing to the solution.

My scenario is a sender who keeps trying no matter how many times we send a 5xx
response code, and who in some cases uses a mailer which stuffs the whole
message down the connection before you even get a chance to say hello.  Even
using an RBL, the bandwidth has been used, and the system has incurred the load
of handling the packets and doing lookups.  The greeting delay feature
introduced in the latest Sendmail incarnation also doesn't help, as the greeting
is ignored and the Sendmail daemon still has to process the queued packets.

At the IPTables level, Sendmail never sees the packets, and the very limited
processing is done by the kernel using optimised packet matching and filtering
routines.

Best Wishes,

Paul.
__________________________________________________
Paul Murphy
Head of Informatics
Ionix Pharmaceuticals Ltd
418 Science Park, Cambridge, CB4 0PA

Tel. 01223 433741
Fax. 01223 433788
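
Added example, not part of the original message: one way to find the persistent senders described above is to count permanent (5xx) rejects per relay in the mail log and print an iptables DROP rule for each repeat offender. The log layout, threshold, allowlist and function names are assumptions; the sample lines are constructed, and the rules are only printed for review, never applied.

```python
import ipaddress
import re
from collections import Counter

# Constructed sendmail-style reject lines (documentation addresses, not real hosts).
SAMPLE_LOG = """\
Nov  3 05:40:01 mx sendmail[2101]: iA3Ae1x1: ruleset=check_relay, arg2=203.0.113.45, relay=[203.0.113.45], reject=550 5.7.1 Access denied
Nov  3 05:40:09 mx sendmail[2102]: iA3Ae9x2: ruleset=check_relay, arg2=203.0.113.45, relay=[203.0.113.45], reject=550 5.7.1 Access denied
Nov  3 05:40:17 mx sendmail[2103]: iA3AeHx3: ruleset=check_rcpt, relay=bulk.example.net [203.0.113.45], reject=550 5.7.1 Relaying denied
Nov  3 05:40:20 mx sendmail[2104]: iA3AeKx4: ruleset=check_rcpt, relay=[203.0.113.45;x], reject=550 5.7.1 Relaying denied
Nov  3 05:41:02 mx sendmail[2105]: iA3Af2x5: ruleset=check_mail, relay=[198.51.100.7], reject=451 4.1.8 Domain does not resolve
Nov  3 05:41:30 mx sendmail[2106]: iA3AfUx6: ruleset=check_rcpt, relay=[192.0.2.10], reject=550 5.7.1 Relaying denied
Nov  3 05:41:31 mx sendmail[2107]: iA3AfVx7: ruleset=check_rcpt, relay=[192.0.2.10], reject=550 5.7.1 Relaying denied
Nov  3 05:41:32 mx sendmail[2108]: iA3AfWx8: ruleset=check_rcpt, relay=[192.0.2.10], reject=550 5.7.1 Relaying denied
"""

# Bracketed relay address followed by a permanent (5xx) reject code.
REJECT = re.compile(r"relay=[^,]*\[([^\]]+)\].*?\breject=5\d\d\b")


def offenders(log_text, threshold=3, allow=("192.0.2.0/24",)):
    """Return IPv4 relays with at least `threshold` 5xx rejects, minus allowlisted networks."""
    allowed = [ipaddress.ip_network(net) for net in allow]
    hits = Counter()
    for line in log_text.splitlines():
        match = REJECT.search(line)
        if not match:
            continue  # temporary (4xx) failures and unrelated lines are ignored
        try:
            ip = ipaddress.IPv4Address(match.group(1))
        except ValueError:
            continue  # log text is untrusted: only a parsed address may reach a rule
        if any(ip in net for net in allowed):
            continue  # never firewall your own relays or partners
        hits[ip] += 1
    return sorted(str(ip) for ip, count in hits.items() if count >= threshold)


def drop_rules(ips):
    """Build one DROP rule per address for inbound SMTP (TCP port 25)."""
    return [f"iptables -I INPUT -p tcp -s {ip} --dport 25 -j DROP" for ip in ips]


if __name__ == "__main__":
    print("\n".join(drop_rules(offenders(SAMPLE_LOG))))
```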


