Subject: Re: DNS-based firewalling?
To: Mike Parson <firstname.lastname@example.org>
From: Florian Stoehr <email@example.com>
Date: 02/07/2005 17:18:15

On Mon, 7 Feb 2005, Mike Parson wrote:
> On Sun, Feb 06, 2005 at 05:36:53PM +0000, Matthias Scheler wrote:
>> In article <Pine.NEB.firstname.lastname@example.org>,
>> Florian Stoehr <email@example.com> writes:
>>> I want to block all (ALL!) SMTP traffic from the whole "attbi.com"
>>> IP address range for my private mail server.
>> Try adding something like this in "/etc/hosts.allow":
>> sendmail: ALL EXCEPT .attbi.com
>> They'll be able to get a SMTP connection but not to deliver e-mail.
>> But I would really recommend to use a better technology like e.g.
> I've gotta second the greylisting suggestion, the greatest thing to
> happen to email since SpamAssassin. =) Both of them together, I get <1
> spam/month in my INBOX. The 8 or so I got in the last 48 hours wound up
> in my spam folder for later perusal.
> The better way to block a domain is in the mail access file:
> attbi.com REJECT
> makemap hash access <access
> kill -HUP `head -1 /var/run/sendmail.pid`
> My access file has nearly 400 such lines in it. =) Most of it is from
> the pre-SA/pre-GL days, but it still serves its purpose (according to
> graphdefang, 2058 rejected messages in the last 48 hours, for all of
> bl.org, 8 active users).
> Michael Parson
Yep, meanwhile I use a
config line in postfix' smtpd_client_restrictions section.
Although of course greylisting is better than blocking specific
domains, I agree.
Btw, for me the "reject_unknown_client" blocks 80% of spam,
it's amazing how many spammers try to connect without a proper