* Quoting Craig Sanders ([EMAIL PROTECTED]): > > PS: actually, the only other thing you could do is set firewall rules > blocking inbound tcp port 25. if your mail server is the primary MX for > your domain then you would also need a secondary MX and open the > firewall for just that machine. spammers will still try - the only real > difference is that you'll get entries in your kernel log rather than in > your mail log. if you do this, i recommend using iptables and DROP the > packet rather than REJECT it....this wastes the spammer's time while the > connection times out.
Drop doesn't really prevent scans and spammers will scan for open ports first. If you really want to achive something like that, you should install a 'Teergrube': http://www.iks-jena.de/mitarb/lutz/usenet/teergrube.en.html - Rolf
