[Mimedefang] Blocking IP #
Paul Murphy
pmurphy at ionixpharma.com
Thu May 5 12:16:38 EDT 2005
Joey,
Yes, you can use the access DB to specifically deny traffic from specified
domains and/or IP addresses:
terra.com.br REJECT
200.171.34. REJECT
These block a domain and a whole class C range respectively. Connections from
these will still be accepted by Sendmail, but will then be failed with a 5xx
error code during the conversation. Since you don't have to accept the message,
and therefore don't have to scan it, it will save you bandwidth and CPU.
However, there are two better approaches -
1. Firewall blocks - this saves you the Sendmail connection and DB lookup
completely, which may help with system load if you are getting a very high
number of connection attempts concurrently
2. Greylisting in MIMEDefang - every virus I've ever come across which has its
own mail engine embedded in it is incapable of queueing messages, so they are
all rejected by greylisting and never come back. If the infection uses random
names for the sender and recipients, this works very well, but it does also lead
to a large number of entries in your greylisting database, which under extreme
circumstances will add to your problems.
Best Wishes,
Paul.
__________________________________________________
Paul Murphy
Head of Informatics
Ionix Pharmaceuticals Ltd
418 Science Park, Cambridge, CB4 0PA
Tel. 01223 433741
Fax. 01223 433788
_______________________________________________________________________
DISCLAIMER:
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to which they
are addressed. If you have received this email in error please contact
the sender or the Ionix IT Helpdesk on +44 (0) 1223 433741
_______________________________________________________________________
More information about the MIMEDefang
mailing list