[sclug] dynamic iptables updates for SMTP server
Darren Davison
darren at davisononline.org
Tue Jun 3 10:06:22 UTC 2008
Anyone know if a similar solution to "DenyHosts" [1] exists for SMTP
connections? (doesn't look as if DenyHosts itself is pluggable in any
respect)
My little home network has seen a huge rise recently in the number of
blocked SMTP connections due to RBL checking (from around 300 per day to
around 1200 per day). Most of this is due to a few persistent servers
that just retry the connection several hundred times, ignoring the
failure code from my postfix box.
Ideally, I'd like to add the offending IP address to hosts.deny, or as
the subject of an iptables rule for a period of 24 hours after they make
more than a handful of rejected SMTP connections.
Any pointers appreciated.
Cheers,
[1] http://www.denyhosts.net
--
Darren Davison
Public Key: 0xE855B3EA
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://sclug.org.uk/pipermail/sclug/attachments/20080603/3fb35f73/attachment.bin
More information about the Sclug
mailing list