Hi All, I'm sure this effects just about everyone out there who runs a mail server.
Every so often we have spammers hammering our mail servers (running Exim) attempting to relay messages. They fail of course, however they sit there, some times for several weeks, attempting e-mail address after e-mail address. This of course wastes our bandwidth, server resources, and fills our rejectlog with thousands of failed attempts. What I would like to do, is after three attempted message relays, the IP address gets blocked via ipchains/iptables so it can no longer access port 25. The two options I can see so far are either a program monitoring the rejectlog file to detect abuse, or an exim filter. Has anyone attempted to or setup a system like this? I await your thoughts. Andrew Tait System Administrator Country NetLink Pty, Ltd E-Mail: [EMAIL PROTECTED] WWW: http://www.cnl.com.au 30 Bank St Cobram, VIC 3644, Australia Ph: +61 (03) 58 711 000 Fax: +61 (03) 58 711 874 "It's the smell! If there is such a thing." Agent Smith - The Matrix -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
