On Thu, Dec 09, 2004 at 11:27:27AM +1100, Russell Coker wrote: > On Thursday 09 December 2004 01:12, Craig Sanders <[EMAIL PROTECTED]> wrote: > > the log file noise issue is important to me - i've recently started > > monitoring mail.log and adding iptables rules to block smtp connections
i also wrote another trivial script which fetches a named blackholes.us text file and creates iptables rules to match. not sure if this is a worthwhile experiment - if for no other reason than the fact that iptables doesn't seem to cope well with thousands of rules in a chain (could probably work around that with a chain per country...but i'm probably not going to bother since i'm pretty sure that this is NOT a good thing to do). i'm currently running with korea.blackholes.us completely filtered out as a test. (korea is where most of my spam attempts come from). so far it has blocked over 16000 packets from korea. since all *I* ever get from there is spam and probes from script-kiddies and viruses, that's a Good Thing<tm>. it probably wouldn't be a good thing anywhere other than on my home gateway. craig -- craig sanders <[EMAIL PROTECTED]> (part time cyborg) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]