Hi,
Mar Matthias Darin wrote:
[1-4]
> 5. If all you are seeking to do is block a cidr range (ex: 10.0.0.0/8),
> your firewall would be a better option.
Currently the pattern looks like this:
deny hosts = \N^.*(adsl|pool)\..*$\N : \N^.*-dyn.*\..*$\N
: \N^.*pool.*$\N : \N^.*[0-9]+-[0-9]+.*$\N
and i consider this setting better, then setting /etc/hosts.deny to
block countries (.pl, .kr, .tw etc). I realise that i may be producing
FPs, but having countries excluded from SMTP may have produced even more
FPs.
Until yesterday i was using a cidr-based blocking in exim (hostlist
host_reject_rcpt = ${lookup mysql {SELECT concat(host, ' : ') from
host_reject order by host}}) but the list got out of hand:
mysql> select count(*) from host_reject;
+----------+
| count(*) |
+----------+
| 1072 |
+----------+
this is way too much. so i decided to block by name, deal with hosts
that have no revdns and transform the host_reject_rcpt list to an
exception list.
Thanks for the help, and for the comments very much!
adam
