[Mimedefang] Blocking IP #
Kenneth Porter
shiva at sewingwitch.com
Thu May 5 13:02:09 EDT 2005
--On Thursday, May 05, 2005 5:16 PM +0100 Paul Murphy
<pmurphy at ionixpharma.com> wrote:
> If the infection uses random
> names for the sender and recipients, this works very well, but it does
> also lead to a large number of entries in your greylisting database,
> which under extreme circumstances will add to your problems.
I think it was on the Fedora developers list where I saw someone suggest
the use of the "recent" match type in iptables to firewall recent matches
against some other rule. There's also an ipset match that can be used to
match large lists of addresses. The trick is to convert the dictionary
attacks into firewall entries. Perhaps those with scripts that do this
could post them to the wiki.
More information about the MIMEDefang
mailing list