Re: Mail relay attempts

To: "Debian-Security@Lists. Debian. Org" <debian-security@lists.debian.org>
Subject: Re: Mail relay attempts
From: Rolf Kutz <kutz@netcologne.de>
Date: Tue, 27 Aug 2002 18:10:04 +0200
Message-id: <[🔎] 20020827161004.GA3019@afrika>
Mail-followup-to: "Debian-Security@Lists. Debian. Org" <debian-security@lists.debian.org>
In-reply-to: <[🔎] 20020827133253.GW21868@taz.net.au>
References: <[🔎] 000501c24dba$af0dd3d0$0700000a@mars> <[🔎] 20020827133253.GW21868@taz.net.au>

* Quoting Craig Sanders (cas@taz.net.au):
> 
> PS: actually, the only other thing you could do is set firewall rules
> blocking inbound tcp port 25.  if your mail server is the primary MX for
> your domain then you would also need a secondary MX and open the
> firewall for just that machine.  spammers will still try - the only real
> difference is that you'll get entries in your kernel log rather than in
> your mail log.  if you do this, i recommend using iptables and DROP the
> packet rather than REJECT it....this wastes the spammer's time while the
> connection times out.

Drop doesn't really prevent scans and spammers
will scan for open ports first.

If you really want to achive something like that,
you should install a 'Teergrube':

http://www.iks-jena.de/mitarb/lutz/usenet/teergrube.en.html

- Rolf

Reply to:

References:
- Mail relay attempts
  - From: "Daniel J. Rychlik" <daniel@rychlik.ws>
- Re: Mail relay attempts
  - From: Craig Sanders <cas@taz.net.au>

Prev by Date: Re: Mail relay attempts
Next by Date: Re: static sshd
Previous by thread: Re: Mail relay attempts
Next by thread: RE: Mail relay attempts
Index(es):
- Date
- Thread