Re: [Exim] helo acl

Top Page
This message is part of the following thread:
M\the complete thread tree sorted by date
MMDarren Casey \(Personal\) at <-
MRandy Bush at ->
Delete this message
Reply to this message
Author: Wakko Warner
Date:  
To: Richard Welty
CC: exim-users
Subject: Re: [Exim] helo acl
Please keep me in the CC.

> > I've heard this as well. If there is a host that bangs on my server, I
> > drop
> > their IP into my firewall.
>
> my server is in colo, there is no firewall. for clients of mine that have
> firewalls, i do try and choke off bad remote hosts as early as possible.

Running linux? If so, enable ip filtering and use iptables. That's the
firewall I was refering to.

> ...
> > I'd prefer to put ones like this into the connect acl.
>
> good idea. i've only just started considering alternative acl placements
> for rules.
>
> > Might not be a bad idea to temporarily firewall out anyone who HELOs
> > with a
> > name that doesn't have a dot (only due to sobig). I've seen tons of
> > connections from the same host sending sobig
>
> i think it's a good idea when you have control over a firewall. best i can
> do is tcp wrappers (which i have done when i've gotten tired of looking at
> certain connection requests in my rejectlog.)

since exim has the ability to block in acls at connection time, tcpwrapers
were useless to me.

--
Lab tests show that use of micro$oft causes cancer in lab animals


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [Exim] [Feature-Request] syslog from filter filesRe: [Exim] Default values in single-key lookups->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)