Alun wrote:
> I'm looking at making a copy of exim run on our site firewall,
> intercepting all attempts (from outside) to contact port 25 for every
> internal host. There are several reasons for doing this. First off, we
> don't publish MX records for everything inside Aber, but some people
> manage to quote their addresses wrong (e.g. doing [EMAIL PROTECTED]
> rather than [EMAIL PROTECTED]). When they do this it results in mail
> getting stuck at the other end as the remote server tries repeatedly to
> talk to a closed port. Having a dummy exim sitting on port 25 for our
> entire network allows me to bounce these messages immediately.
> Secondly, doing this I can maintain a blacklist of portscanning
> machines and machines that are trying to use us as an open relay.
> Finally I can tarpit the same machines.

I might be missing the point, or several points, here, but why don't you just set up a wildcard MX record for *.aber.ac.uk to point at your real MX? I know that's not much use for the rest of your tarpitting/portscanning stuff but it should solve your main problem, no?

Mike

--
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
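
An added example, not part of either post: a simplified model of RFC 4592 wildcard matching, showing which names a wildcard MX like the one suggested in the reply would cover and which still resolve straight to the host. The zone contents (`example.org`, the hostnames, the addresses) and all function names are constructed for illustration.

```python
# Constructed zone data (not from the thread): owner name -> {type: [rdata]}.
ZONE = {
    "example.org": {"MX": ["10 mx.example.org"]},
    "*.example.org": {"MX": ["10 mx.example.org"]},
    "mx.example.org": {"A": ["192.0.2.25"]},
    "ws1.example.org": {"A": ["192.0.2.51"]},      # internal host, no MX of its own
    "pc7.lab.example.org": {"A": ["192.0.2.77"]},  # makes lab.example.org an empty non-terminal
}


def name_exists(name):
    """A name exists if it owns records or has descendants (empty non-terminal)."""
    return name in ZONE or any(owner.endswith("." + name) for owner in ZONE)


def lookup(qname, rtype):
    """Return (rdata, source). A wildcard only answers for names that do not exist."""
    if name_exists(qname):
        return ZONE.get(qname, {}).get(rtype, []), "exact"
    labels = qname.split(".")
    for i in range(1, len(labels)):
        encloser = ".".join(labels[i:])
        if name_exists(encloser):  # closest encloser found
            wild = ZONE.get("*." + encloser)
            if wild is None:
                return [], "nxdomain"
            return wild.get(rtype, []), "wildcard"
    return [], "nxdomain"


def mail_target(domain):
    """Where a sending MTA delivers: MX if present, else the A record (RFC 5321)."""
    mx, source = lookup(domain, "MX")
    if mx:
        return "mx", source, mx
    a, source = lookup(domain, "A")
    if a:
        return "direct-to-host", source, a
    return "undeliverable", source, []


def hosts_needing_mx():
    """Names with an A record but no MX: the wildcard never applies to these."""
    return sorted(n for n, rr in ZONE.items()
                  if "A" in rr and "MX" not in rr and not n.startswith("*."))
```

In this model, mail for a name that does not exist is routed to the MX by the wildcard, while mail for an existing host such as `ws1.example.org` still goes directly to that host's port 25 unless it is given an explicit MX record.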
