MBM wrote:
> On Mon, Nov 03, 2003 at 12:21:44PM +0000, will wrote:
>> It was about 2 lines of IPTables in a 'firewall' script started with
>> the init scripts. I just used '-j DROP', no point in politely
>> informing the spammers program that the connection had failed and
>> that is should retry ;-)
>
> You could, of course, have achieved the same effect by just pulling
> the uplink out of the back of your mailserver.
>
> Probably would have achieved the same effect.
>
> MBM (hates people who drop packets rather than simulating closed
> ports, makes it really hard to debug whose network is the
> problem)
Somehow I don't really care if a spammer has problems identifying
network problems. The more problems I can cause them the better.
I believe that Will has the intelligence (and so do I) to be able to
descern between someone misconfiguring their MX and slimy little spammer
attempting to abuse a mail server.
I too maintain a list of IP's from which I never wish to receive mail.
Firstly, I firewall persistantly annoying individual IPs that continue
to attempt to relay through my servers even though they are continually
denied. There is 1 IP in this range right now and he was previously
blocked by sbl.spamhaus.org. 211.163.115.37. Die spammer, die.
Secondly, I maintain an RBL that drops all postmaster abusers. Finally,
after allowing someone to post to the postmaster, I drop everyone who
has attempted to relay through my servers via another RBL (along with
normal RBL's).
I find this a perfect solution for my needs and causes no collateral
damage to anyone who matters. I can tell by the tone of your last 2
posts that you seem to have a different position, and well, good for
you. To each his own.
Ted.