SOLVED(2) Re: [exim] slowing spammers with iptables -m recen…

Top Page
Delete this message
Reply to this message
Author: Tony Godshall
Date:  
To: Exim users list
Old-Topics: SOLVED Re: [exim] slowing spammers with iptables -m recent
Subject: SOLVED(2) Re: [exim] slowing spammers with iptables -m recent
> > > #reject for 40 seconds each time we get a smtp_penalty_box hit
> > >   iptables -A INPUT \
> > >     -m recent --name smtp_penalty_box --rcheck --seconds 40 \
> > >     -j DROP


...

> > We do something not entirely unlike this with an ACL.
> >
> > defer condition = ${if and {{! def:acl_c2} \

...

> > If you're starved for resources you might not want to do this since
> > you might be holding on to a lot of connection from spammers. We
> > haven't found this to be much of a problem, however, since I suspect
> > that a lot of spammers break the connection when they're not allowed
> > to send mail at the rate they want.
> >
> > I think this is a neat trick, but I can't take credit for it. Kjetil
> > Homme is the one that came up with it.
>
> Outstanding. Thank you sir.


Turns out the wheel I was trying to invent is called
"greylisting" and was already well invented and implemented
in the form of greylistd...

http://packages.debian.org/unstable/mail/greylistd
http://projects.puremagic.com/greylisting/

It doesn't tarball the spammers but it does slow bad actors
and prioritize good actors. It's working great.

Thanks all who responded.

T