Hello and thank you in advance for any help. I've built an ACL to early
reject connections from really naughty and persistent hosts, which keep
on coming back even after they have been given a permanent error. It
looks like so:
acl_check_connect:
drop message = Temporary ban - too many retries
ratelimit = 5 / 24h / per_conn / readonly
acl_check_helo:
deny message = "Bad HELO (impersonates our host)"
condition = ${if match{$sender_helo_name}{$primary_hostname}}
!ratelimit = 5 / 24h / per_conn / leaky
acl_check_rcpt:
deny message = Relay is not permitted
!domains = +local_domains : +relay_to_domains
!ratelimit = 5 / 24h / per_conn / leaky
I have a few other similar ACL's, which add to the counter when the
conditions above, in the ACL, are true.
Does the above look right? I've had it in place on one server for about
a week, but I can't see in the logs ever kicking in - so now I'm not
sure if the syntax is wrong, or maybe I haven't had any persistent
offenders during this time.