Re: Mail relay attempts
* Quoting Craig Sanders (cas@taz.net.au):
>
> PS: actually, the only other thing you could do is set firewall rules
> blocking inbound tcp port 25. if your mail server is the primary MX for
> your domain then you would also need a secondary MX and open the
> firewall for just that machine. spammers will still try - the only real
> difference is that you'll get entries in your kernel log rather than in
> your mail log. if you do this, i recommend using iptables and DROP the
> packet rather than REJECT it....this wastes the spammer's time while the
> connection times out.
Drop doesn't really prevent scans and spammers
will scan for open ports first.
If you really want to achive something like that,
you should install a 'Teergrube':
http://www.iks-jena.de/mitarb/lutz/usenet/teergrube.en.html
- Rolf
Reply to: