Re: [Exim] Blocking incessant relay testers with Exim 4

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Juha Saarinen
Date:  
À: Marc Perkel, Dave C.
CC: exim-users
Sujet: Re: [Exim] Blocking incessant relay testers with Exim 4
Marc Perkel wrote:
> Here's something I run on my linux server to block IP addresses.
>
> #!/bin/sh
> #
> # Firewall Rules - This section provides a front end to pre-filter
> # traffic coming in.
>
> # The idea is that this can filter hackers from known IP address
> # and filter packets before they even atempt to talk to services
>
> # --- Clear the Tables
>
> iptables -v -F INPUT
>
> # --- Filter Hackers
>
> # The file /etc/ipblocked contains a list of IP addresses that are
> blocked # on this system. These are IPs of people who have tried to
> hack us.
>
> if [ -f /etc/ipblocked ]; then
>    for i in $( cat /etc/ipblocked ); do
>       iptables -v -A INPUT -s $i -j DROP
>    done
> fi

>
> ipblocked file looks like this:
>
> 147.32.109.5
> 200.61.75.149
> 217.10.192.19/24
> 193.85.2.87


Neat. I could run a small IPTables rule on the MTA server, instead of
burdening the router with yet another ACL.

Cheers,

--
Juha