* On 23/06/06 21:07 +0100, Chris Lightfoot wrote:
| On Fri, Jun 23, 2006 at 10:40:25PM +0300, Odhiambo G. Washington wrote:
| [...]
| > What I want is to reduce the processing consequent
| > upon spammer transaction, because again, I have disabled spam
| > filtering on the hidden box, instead doing it on the new MX. That
| > new MX is listed as the "highest priority", so everyone delivering
| > mail by MX should be connecting to it.
|
| ok. so any legitimate connections are from customers who
| will either (a) be connecting from a legitimate IP range;
| or (b) will authenticate before trying a mail transaction.
That is correct!
| So can you not, in the MAIL FROM ACL, drop the connection
| immediately if the user is not in classes (a) or (b)? Or
| are there MUAs which try MAIL FROM and only then
| authenticate?
They use all sorts of MUAs.
| The overhead of doing this should be minimal -- the typical
| spammer would issue ``HELO whatever'', then
| ``MAIL FROM: <whatever>'', and would immediately have the
| connection dropped. Or you could reject the MAIL FROM:
| command -- I assume that would have the same effect.
So basically, you are saying that I should forget about dropping
the connections at acl_smtp_connect and instead shift to either
acl_smtp_helo or acl_smtp_mail, yes?
| (I'm not sure how to drop the connection immediately in an
| ACL -- I thought there might be a control command to do
| it, but in extremis you could, e.g., write a perl function
| that exits the current process, though that's ghastly.)
At acl_smtp_connect, we know the IP address, so at that point
is where I wanted to drop all IPs coming from outside Kenya.
cheers
- wash
+----------------------------------+-----------------------------------------+
Odhiambo Washington . WANANCHI ONLINE LTD (Nairobi, KE) |
wash () WANANCHI ! com . 1ere Etage, Loita Hse, Loita St., |
GSM: (+254) 722 743 223 . # 10286, 00100 NAIROBI |
GSM: (+254) 733 744 121 . (+254) 020 313 985 - 9 |
+---------------------------------+------------------------------------------+
"Oh My God! They killed init! You Bastards!"
--from a /. post