Our site is being constantly "hit" by spammers using bruteforce tactics looking for valid users.
At present our servers bounce with "no valid user" is this the best tactic? or is it simply better to stop such bounce msgs? while polite, spammers are taking the p*ss.... We are running postfix and spam assassin to tag spam, it is effective in tagging....I am just considering my options in configuring postfix to reject selected connections like my favourite optonline.net. I cannot see that an IPTABLES block is effective, if only because of the shear number of IPs optonline is using (as an example)....and this is just one example, so a DNS name lookup is out.... suggestions please? regards S
