Re: [Exim] Blocking incessant relay testers with Exim 4

Top Page
Delete this message
Reply to this message
Author: Dave C.
Date:  
To: Matthew Byng-Maddick
CC: exim-users
Subject: Re: [Exim] Blocking incessant relay testers with Exim 4
On Wed, 12 Jun 2002, Matthew Byng-Maddick wrote:

> On Wed, Jun 12, 2002 at 10:26:49AM +1200, Juha Saarinen wrote:
> > I'd like to deny SMTP connections to certain hosts and IP blocks, and was
> > wondering what is the best way of doing it with Exim 4. I can do it quite
> > easily with an ACL on the router, but would prefer to maintain a file with
> > host IP address and ranges for the MTA instead.
>
> It occurs to me after reading this discussion that in fact rejecting the
> connection before it gets to the SMTP listener isn't necessarily a good
> idea, as this is a temporary error, and you'll still have to pay for the
> bandwidth that they're wasting, because it's getting to your border. If
> you answer every command with a 5xx error, and report them to their ISP,
> that is likely to work better.


The bandwidth to send an RST packet in response to a SYN packet is
fairly trivial. Unless they try to connect continuously, its not likely
to make much of an impact on your bandwidth usage. In fact, its WAY less
than the amount used by even accepting the connection and sending a
5xx..

>
> MBM
>
> --
> Matthew Byng-Maddick         <mbm@???>           http://colondot.net/

>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##
>
>



--