Stan Hoeppner wrote:
> vtzan put forth on 12/11/2009 5:26 AM:
>> Hello all,
>>
>> I need to reject smtp connection from certain ip inside my network
>> (SPAMMER).
> 
> If this is the case, it may be more effective and expedient to drop
> _all_ his traffic inbound to your Postfix host.
> 
> iptables -I INPUT -s xxx.xxx.xxx.xxx -j DROP
> 
> That works for Linux, not sure about *BSD.
> 

# cat /etc/pf.conf
...
discard="block drop quick"
int_if="re0"
...
table <banned> persist file "/etc/pf/banned.net"
...
$discard on $int_if from <banned> to any label "banned"


Isn't it nice?


> This is what I would do if someone in my network was spamming.  Cut him
> off at the knees, and prevent him from attacking your system's other
> service ports.

Agreed.

Now, the OP's configuration should work, but he didn't show logs and he
didn't show the actual configuration (at least, we can doubt his config
matches his claim).
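
An added example, not part of the original message: a small sh helper for maintaining the `<banned>` table from the pf.conf excerpt above, which checks `/etc/pf/banned.net` before loading it so a typo cannot block far more than intended. The function names, the IPv4-only check and the minimum prefix length are assumptions of this example; `pfctl -t ... -T replace -f ...` is the standard pfctl table command.

```shell
#!/bin/sh
# Added example, not from the original post. TABLE and BANNED_FILE mirror the
# pf.conf excerpt; the IPv4-only / minimum-prefix policy is this example's choice.
TABLE="banned"
BANNED_FILE="${BANNED_FILE:-/etc/pf/banned.net}"
MIN_PREFIX=8   # assumed policy: refuse anything wider than a /8 (e.g. 0.0.0.0/0)

# valid_entry ENTRY: succeed if ENTRY is an IPv4 address or IPv4 CIDR prefix.
valid_entry() {
    addr=${1%%/*}
    case $1 in
        */*) len=${1#*/}
             case $len in ''|*[!0-9]*) return 1 ;; esac
             [ "$len" -ge "$MIN_PREFIX" ] && [ "$len" -le 32 ] || return 1 ;;
    esac
    case $addr in *[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr            # split the dotted quad into positional parameters
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# lint_file FILE: report bad entries on stderr; succeed only if there are none.
lint_file() {
    bad=0 n=0
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        entry=$(printf '%s\n' "$line" | sed 's/^[[:space:]]*//; s/[[:space:]]*$//')
        case $entry in ''|'#'*) continue ;; esac   # blank line or comment
        valid_entry "$entry" || { echo "line $n: bad entry: $entry" >&2; bad=$((bad + 1)); }
    done < "$1"
    [ "$bad" -eq 0 ]
}

# reload_banned: lint first, then swap the live table contents in one step.
# States already open from a newly banned host persist until they are killed
# (pfctl -k <host>) or expire.
reload_banned() {
    lint_file "$BANNED_FILE" || return 1
    pfctl -t "$TABLE" -T replace -f "$BANNED_FILE"
}

if [ "${1:-}" = "reload" ]; then reload_banned; fi
```

Run it as root with the argument `reload` after editing the file; `pfctl -t banned -T show` lists what is currently loaded.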
