On 23 December 2012 16:41, Mark Ford <t447806929...@googlemail.com> wrote:
> Here is a shortened version of the output from iptables-save (full version
> simply has more "-A pests" lines).
>
> # Generated by iptables-save v1.4.8 on Sun Dec 23 16:24:43 2012
> *filter
> :INPUT ACCEPT [252417:278747603]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [255016:258290199]
> :pests - [0:0]
> -A INPUT -p tcp -j pests
> -A pests -s 1.85.17.0/24 -p tcp -j DROP
> -A pests -s 67.228.245.0/24 -p tcp -j DROP
> COMMIT
> # Completed on Sun Dec 23 16:24:44 2012
>
>
> Here is the complete header from the spam email...

[snipped]

I would trust what you find in /var/log/{mail,exim} more readily than
Received: lines in a spam mail, no matter how correctly you think
you're reading them. I'd check there instead.

As an aside, I wouldn't block /24s like this myself. Use something in
protocol (i.e. configured in Exim), perhaps, and be /really/ careful
about blocking entire /24s. The collateral damage could be more than
you intended.

Cheers,
Jonathan
-- 
Jonathan Matthews // Oxford, London, UK
http://www.jpluscplusm.com/contact.html
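
[Added example, not part of the original messages: one way to do the log check suggested above is to compare the DROP rules in the "pests" chain against message arrivals ("<=" lines) in Exim's main log. It lists mail that was accepted from a supposedly blocked range and shows which senders each /24 catches. The rules are the ones quoted in the thread; the log lines, message ids and addresses are constructed sample data, and the function names are hypothetical.]

```python
import ipaddress
import re

# Rules as quoted in the thread (iptables-save format).
RULES = """\
-A INPUT -p tcp -j pests
-A pests -s 1.85.17.0/24 -p tcp -j DROP
-A pests -s 67.228.245.0/24 -p tcp -j DROP
"""

# Constructed Exim mainlog lines; ids, hosts and addresses are made up.
MAINLOG = """\
2012-12-23 16:01:12 1Tmo1A-0001aB-2C <= spam@example.net H=(mail.example.net) [1.85.17.44] P=esmtp S=2211
2012-12-23 16:03:40 1Tmo3X-0001cD-4E <= alice@example.org H=mx.example.org [67.228.245.9] P=esmtps S=5120
2012-12-23 16:05:02 1Tmo5Q-0001eF-6G <= bob@example.com H=relay.example.com [192.0.2.25] P=esmtp S=900
2012-12-23 16:06:30 H=(bad) [1.85.17.44] rejected RCPT <x@example.com>: relay not permitted
"""

# "<=" marks a message arrival; the connecting peer's IP is the bracketed value.
ARRIVAL_RE = re.compile(r"^\S+ \S+ (\S+) <= (\S+) .*?\[([0-9A-Fa-f:.]+)\]")


def dropped_networks(rules, chain="pests"):
    """Collect the source networks that the given chain DROPs."""
    nets = []
    for line in rules.splitlines():
        tok = line.split()
        if tok[:2] == ["-A", chain] and "-s" in tok and tok[-2:] == ["-j", "DROP"]:
            nets.append(ipaddress.ip_network(tok[tok.index("-s") + 1], strict=False))
    return nets


def arrivals_from_blocked(mainlog, nets):
    """Return (message id, sender, peer IP, network) for mail accepted from a blocked range."""
    hits = []
    for line in mainlog.splitlines():
        m = ARRIVAL_RE.match(line)
        if not m:
            continue  # rejections, deliveries and other lines are not arrivals
        ip = ipaddress.ip_address(m.group(3))
        for net in nets:
            if ip in net:
                hits.append((m.group(1), m.group(2), str(ip), str(net)))
    return hits


if __name__ == "__main__":
    for hit in arrivals_from_blocked(MAINLOG, dropped_networks(RULES)):
        print("accepted from blocked range:", *hit)
```

[A hit dated after the rule was loaded means the mail reached Exim from that address despite the DROP; the list of senders per network also shows who else sits inside each blocked /24.]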