Re[2]: [Exim] helo acl

Góra strony
Delete this message
Reply to this message
Autor: Richard Welty
Data:  
Dla: exim-users
Temat: Re[2]: [Exim] helo acl
On Fri, 22 Aug 2003 19:50:58 -0400 Wakko Warner <wakko@???> wrote:

> > for some time, i've been mechanically doing all of my acl stuff in the
> > recipients check, based on conventional wisdom that 5xx gets listened
> to
> > best after RCPT TO:


> I've heard this as well. If there is a host that bangs on my server, I
> drop
> their IP into my firewall.


my server is in colo, there is no firewall. for clients of mine that have
firewalls, i do try and choke off bad remote hosts as early as possible.

...
> I'd prefer to put ones like this into the connect acl.


good idea. i've only just started considering alternative acl placements
for rules.

> Might not be a bad idea to temporarily firewall out anyone who HELOs
> with a
> name that doesn't have a dot (only due to sobig). I've seen tons of
> connections from the same host sending sobig


i think it's a good idea when you have control over a firewall. best i can
do is tcp wrappers (which i have done when i've gotten tired of looking at
certain connection requests in my rejectlog.)

richard
--
Richard Welty                                         rwelty@???
Averill Park Networking                                         518-573-7592
    Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security