----- Original Message -----
From: "Matthew Byng-Maddick" <exim@???>
To: <exim-users@???>
Sent: Monday, November 03, 2003 7:30 AM
Subject: Re: [Exim] Columbian Spammer
> On Mon, Nov 03, 2003 at 12:21:44PM +0000, will wrote:
> > It was about 2 lines of IPTables in a 'firewall' script started with the
> > init scripts. I just used '-j DROP', no point in politely informing the
> > spammers program that the connection had failed and that is should retry
;-)
>
> You could, of course, have achieved the same effect by just pulling the
> uplink out of the back of your mailserver.
>
> Probably would have achieved the same effect.
>
> MBM (hates people who drop packets rather than simulating closed ports,
makes
> it really hard to debug whose network is the problem)
>
> --
> Matthew Byng-Maddick <mbm@???>
http://colondot.net/
>
Well, personally, if I find someone trying to hack into my computers, or
attempting to abuse services (such as the case above), then I don't give a
D*** about giving THEM problems trying to debug anything related to MY
network. Why should I waste ANY bandwidth trying to make their lives easier?
It's pointless. Heck, why help them get on with abusing someone else all the
quicker?
If someone earns a blacklisting, I say "drop the packets."
And no, it's very much NOT the same as "pulling the plug." My REAL clients
simply have more bandwidth available for LEGITIMATE packets.
Sorry to step on your pet peeve, MBM, but that's the way I think about it. Go
ahead and hate me if you like. :(
And, just to be clear, I have a process in place for removing IPs from my
blacklist after a period of time, so as avoid hurting those who inherit
previously abused IPs.
Jim Roberts
Punster Productions, Inc.
