[Mimedefang] Anyone noticing...

Kris Deugau kdeugau at vianet.ca
Tue Jan 17 15:53:12 EST 2006


Matthew Schumacher wrote:
> If we had gone with iptables we wouldn't be able to leave our abuse,
> postmaster, and support addresses open, and users would be rejected
> without an error message explaining exactly what happened.  Since
> rejected email only costs us one ldap and one sql lookup we will live
> with that since those things are really cheap compared to mimedefang and SA.

iptables blocks in this context (or whatever kernel-level firewall 
system is available) are for the persistent host that simply WILL NOT 
STOP whatever rude activity it's doing.  I've only ever had to use this 
once, against a "freenet" server that was opening SMTP connections ~5 
times a second, starting the SMTP conversation (up to the sender 
IIRC)... and then stalling.  Repeated, increasingly unhappy emails to 
the system's postmaster were accepted with no apparent effect.

My final mail noted that I was dropping their server in my firewall due 
to persistent abuse (and included a short log extract - if I'd really 
been feeling annoyed that day I might have mailed the whole monster 
log), and that if and when they fixed their problem and contacted me 
(through an address handled by a different server) I would remove the 
entry.  I removed it during a cleanup at one point about six months 
later and it hasn't happened again.

-kgd


