Hi Christian, yes you are absolutely correct... this runbook was thrown together... for lads in trouble... I will look at updating it ...
Legend thanks for the feedback Thanks Tom Smyth On Tue, Jul 19, 2016 at 3:03 PM, Christian Kellermann <ck...@pestilenz.org> wrote: > Hi! > > * Tom Smyth <tom.sm...@wirelessconnect.eu> [160719 15:48]: > > 1)# Turn off MTA ... this will let our mail server accept mail but it > wont > > forward it ... > > smtpctl pause mta > > 2) less /var/log/maillog # this will let you look for the offending > > Source IP ... > > 3) edit /etc/pf.conf and replace SPAM_SRC_IP with ip of spammer > > block in quick on egress proto tcp from SPAM_SRC_IP > > 4) pfctl -nf /etc/pf.conf # check the syntax of the firewall rule > > set (no output is good) > > 5) pfctl -f /etc/pf.conf # load the rule set > > 6) pfctl -sr # show firewall rule set > > Using a blacklist in smtpd.conf and updating that list would spare you > the troubles of touching the packet filter rules. > > Or am I missing something? > > Kind regards, > > Christian > > -- > May you be peaceful, may you live in safety, may you be free from > suffering, and may you live with ease. > -- Kindest regards, Tom Smyth Mobile: +353 87 6193172 --------------------------------- PLEASE CONSIDER THE ENVIRONMENT BEFORE YOU PRINT THIS E-MAIL This email contains information which may be confidential or privileged. The information is intended solely for the use of the individual or entity named above. If you are not the intended recipient, be aware that any disclosure, copying, distribution or use of the contents of this information is prohibited. If you have received this electronic transmission in error, please notify me by telephone or by electronic mail immediately. Any opinions expressed are those of the author, not the company's .This email does not constitute either offer or acceptance of any contractually binding agreement. Such offer or acceptance must be communicated in writing. You are requested to carry out your own virus check before opening any attachment. Thomas Smyth accepts no liability for any loss or damage which may be caused by malicious software or attachments.