Re: [Exim] Blocking incessant relay testers with Exim 4

Top Page
This message is part of the following thread:
M----\the complete thread tree sorted by date
M-+-\MJuha Saarinen at <-
M\M\MMJuha Saarinen at ->
Delete this message
Reply to this message
Author: Dave C.
Date:  
To: Juha Saarinen
CC: exim-users
Subject: Re: [Exim] Blocking incessant relay testers with Exim 4
On Wed, 12 Jun 2002, Juha Saarinen wrote:

> As any MTA operator will quickly notice, relay testing by spammers is a
> common occurrence. Worse, many of the idiots doing the testing ignore the
> "Relay not permitted" and carry on testing, over and over again.

1. Contact the idiots' ISP and tell them they have spammers on their
networks. Worse yet, they have DUMB spammers who are too stupid to
realize their relays are failing.

2. If it continues, get your router admin to put an IP level block in to
prevent all traffic from the relevant IP's..

> I'd like to deny SMTP connections to certain hosts and IP blocks, and was
> wondering what is the best way of doing it with Exim 4. I can do it quite
> easily with an ACL on the router, but would prefer to maintain a file with
> host IP address and ranges for the MTA instead.

You can reference such a file from within an ACL.

> Thought host_reject_connection would be the way to go, initially, but
> the Spec says it's better to reject at a later stage. What's the reasoning
> for this?

Some hosts are braindead and will keep trying over and over. Of course,
some will keep trying regardless of where you reject.



This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-[Exim] new acl problemRe: [Exim] new acl problem->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)