On 2016-08-10 12:00 PM, Erik Andersen wrote: > Hi
>
> Agree, but then your mailserver has do deal with it, refusing it as
> part of the tcp connection will move load away from your mail server.
>
> Rgds There's no way to know at the initial TCP connection what the host will
send in the HELO command. That would be a few packets in. But, as I
said, once you have detected them you could have a script that adds the
IP to a table, and block with iptables based on that...
