Postfix communicating with IPFW
Dear FQ, I recently got attacked with some dsl subscribers of this (imaginary) some.net domain. These subscribers present themselves as [ip address.dynamic.some.net]. Postfix SMTP server: errors from 66-66-66-166.dynamic.some.net [66.66.66.166] What I would like to do is to generate a some.net list with all these dynamic ip addresses and provide them to my ipfw firewall in order to block them on the moment that they try to relay a 2nd time thru my server. This will cause less process time as it is quicker to send someone home by the doorkeeper (ipfw) rather than check his credentials first (Postfix) and tell him to get lost. Is there any way to let postfix 'communicate' with my ipfw firewall? Jos Chrispijn ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix communicating with IPFW
Jos Chrispijn [EMAIL PROTECTED] wrote: I recently got attacked with some dsl subscribers of this (imaginary) some.net domain. These subscribers present themselves as [ip address.dynamic.some.net]. Postfix SMTP server: errors from 66-66-66-166.dynamic.some.net [66.66.66.166] What I would like to do is to generate a some.net list with all these dynamic ip addresses and provide them to my ipfw firewall in order to block them on the moment that they try to relay a 2nd time thru my server. This will cause less process time as it is quicker to send someone home by the doorkeeper (ipfw) rather than check his credentials first (Postfix) and tell him to get lost. True, but Postfix can handle these rejects just fine though YMMV depending on your load and other aspects of your setup to which we aren't privy. Is there any way to let postfix 'communicate' with my ipfw firewall? No, but you can write a script that parses your maillog and accordingly updates firewall rules. Tools like fail2ban are often mentioned here -- check the archives and adapt as necessary. -- Sahil Tandon [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix communicating with IPFW
Sahil Tandon [EMAIL PROTECTED] wrote:
Jos Chrispijn [EMAIL PROTECTED] wrote:
I recently got attacked with some dsl subscribers of this (imaginary)
some.net domain.
These subscribers present themselves as [ip address.dynamic.some.net].
Postfix SMTP server: errors from 66-66-66-166.dynamic.some.net
[66.66.66.166]
One more thing: I use the following PCRE to block dynamic-looking IPs at
SMTP and it really isn't resource intensive.
/\d+([-\.]\d+){3}/ REJECT Generic hostnames prohibited.
--
Sahil Tandon [EMAIL PROTECTED]
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix communicating with IPFW
Thank you all for sharing your expertise! I will follow all the suggestions that have been made in order to solve the matter. Jos ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
