Re: Mail relay attempts

To: "Debian-Security@Lists. Debian. Org" <debian-security@lists.debian.org>
Subject: Re: Mail relay attempts
From: "Bernhard R. Link" <brl@pcpool00.mathematik.uni-freiburg.de>
Date: Tue, 27 Aug 2002 17:55:44 +0200
Message-id: <[🔎] 20020827155544.GA26918@pcpool00.mathematik.uni-freiburg.de>
Mail-followup-to: "Debian-Security@Lists. Debian. Org" <debian-security@lists.debian.org>
In-reply-to: <[🔎] 20020827133253.GW21868@taz.net.au>
References: <[🔎] 000501c24dba$af0dd3d0$0700000a@mars> <[🔎] 20020827133253.GW21868@taz.net.au>

* Craig Sanders <cas@taz.net.au> [020827 17:07]:
> On Tue, Aug 27, 2002 at 06:12:51AM -0500, Daniel J. Rychlik wrote:
> PS: actually, the only other thing you could do is set firewall rules
> blocking inbound tcp port 25.  if your mail server is the primary MX for
> your domain then you would also need a secondary MX and open the
> firewall for just that machine.  spammers will still try - the only real
> difference is that you'll get entries in your kernel log rather than in
> your mail log.  if you do this, i recommend using iptables and DROP the
> packet rather than REJECT it....this wastes the spammer's time while the
> connection times out.

As long as it is not so much traffic that the returned packets cost
money, I think a REJECT is much nicer. I do not think timeout due to 
DROP will have noticeable impact to the spammer, but will be the hell 
to anyone trying to investigate why he cannot send you mail.

Hochachtungsvoll,
	Bernhard R. Link
-- 
The man who trades freedom for security does not deserve 
nor will he ever receive either. (Benjamin Franklin)

Reply to:

References:
- Mail relay attempts
  - From: "Daniel J. Rychlik" <daniel@rychlik.ws>
- Re: Mail relay attempts
  - From: Craig Sanders <cas@taz.net.au>

Prev by Date: Re: Mail relay attempts
Next by Date: Re: Mail relay attempts
Previous by thread: Re: Mail relay attempts
Next by thread: Re: Mail relay attempts
Index(es):
- Date
- Thread