[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: blacklists
--On Thursday, December 09, 2004 12:22 +1100 Craig Sanders <cas@taz.net.au> wrote: 


On Thu, Dec 09, 2004 at 11:27:27AM +1100, Russell Coker wrote:

On Thursday 09 December 2004 01:12, Craig Sanders <cas@taz.net.au> wrote:
> the log file noise issue is important to me - i've recently started
> monitoring mail.log and adding iptables rules to block smtp connections
> from client IPs that commit various spammish-looking crimes against my
> system.

Interesting.  Do you plan to package it for Debian?


nope, it's just a trivial script - and one that's probably dangerous to
use if you don't understand what it's doing, and i don't plan on
documenting it beyond comments in the script itself.  in short, it's a
toy for me.

if you want to see it, look in http://taz.net.au/postfix/scripts/

it's called watch-maillog.pl

there's a bunch of other postfix related scripts in there.
One little note about that script, the DROP needs to be changed since basically you're DoSing yourself by hanging a bunch of connections because you suddenly start dropping their inbound packets while still 'in-flight' as it were. postfix's default timeouts are about 300s, so you'll want to turn those down (300s seems too generous to me for most of them anyway)
Reply to: