auto rejecting IP's who try to send to non existent user too often
Posted: 19 Mar 2017 17:43
Can I have your thoughts about this.
My EFA will be working as a gateway for several domains. Some of these domains are old and are getting lots of spam. When I was adding some more DNSBL's and activating recipient verification I saw a few IP addresses trying to send mail to several non existing email addresses. They are not known by the DNSBL's so they can try and try as long as they want. As far as I know postfix doesn't have an option to block them after x attempts, so I wrote a small script which collects these IP's from the log and put them in /etc/postfix/client_checks. It seems to be working and I see several IP's blocked in the logs.
Is there a concern why I shouldn't do that?
Thanks,
Roger
My EFA will be working as a gateway for several domains. Some of these domains are old and are getting lots of spam. When I was adding some more DNSBL's and activating recipient verification I saw a few IP addresses trying to send mail to several non existing email addresses. They are not known by the DNSBL's so they can try and try as long as they want. As far as I know postfix doesn't have an option to block them after x attempts, so I wrote a small script which collects these IP's from the log and put them in /etc/postfix/client_checks. It seems to be working and I see several IP's blocked in the logs.
Is there a concern why I shouldn't do that?
Thanks,
Roger
