Already have a home-grown log scraper dynamically managing (add/remove) firewall rules and love the results. Not only have badly behaving bots disappeared, but there seem to be fewer spam attempts for unique clients as well, leaving log files much less cluttered and much smaller. When I say disappeared, I mean they don't even bother hitting the firewall anymore. It's a thing of beauty.

Was hoping though that Postfix would have a means of initiating an action (a system command) upon client restriction results. That would be a preferred method rather than periodically scraping logs.

I figure if they are just going to get blocked by an RBL anyway, why not stick them in an SMTP_RBL firewall and keep them out of the logs. A thing of beauty.

fail2ban does look like a good tool though. If I didn't already have a home-grown solution I would give it a whirl.


--------------------------------------------------
From: "Dudi Goldenberg" <d...@kolcore.com>
Sent: Thursday, July 01, 2010 11:29 PM
To: <junkyardma...@verizon.net>; <postfix-us...@cloud9.net>
Subject: RE: System Command on Client Restriction Rejection

Is it possible to execute a system command upon the following smtpd
client restriction rejections?

smtpd_client_restrictions =
    reject_rbl_client zen.spamhaus.org,
    reject_unknown_reverse_client_hostname,
    reject_unknown_client_hostname

Would like to automate insertion of client IP address into IP Tables
firewall rule.

Take a look at fail2ban,
http://www.fail2ban.org/wiki/index.php/Main_Page

D.
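
An added example, not part of either message and not Postfix or fail2ban code: a sketch of the log-scraping approach discussed above, picking out clients rejected by the three quoted restrictions and building (not running) the firewall commands. The SMTP_RBL chain name, the function names and the sample log lines are assumptions made for illustration.

```python
import ipaddress
import re
from collections import Counter
# Anchored at line start; later text (helo=, from=) is sender-controlled.
REJECT_RE = re.compile(
    r"(?:\S+ +){2,4}postfix/smtpd\[\d+\]: NOQUEUE: reject: \w+ from "
    r"[^\[\s]*\[([0-9A-Fa-f:.]+)\]: \d{3} [\d.]+ (.*)")
# Reply text logged for the three restrictions in the quoted configuration.
REASONS = (("blocked using zen.spamhaus.org", "rbl"),
           ("cannot find your reverse hostname", "unknown_reverse_hostname"),
           ("cannot find your hostname", "unknown_hostname"))
PFX = "Jul  1 23:10:01 mail postfix/smtpd[4321]: NOQUEUE: reject: RCPT from "
END = "; from=<a@example.com> to=<b@example.org> proto=ESMTP helo=<"
SAMPLE = [  # constructed log lines, documentation address ranges only
    PFX + "unknown[203.0.113.5]: 554 5.7.1 Service unavailable; Client host "
          "[203.0.113.5] blocked using zen.spamhaus.org" + END + "mx.example.com>",
    PFX + "unknown[198.51.100.7]: 450 4.7.1 Client host rejected: cannot find "
          "your reverse hostname, [198.51.100.7]" + END + "host.example.net>",
    # Different rejection; the HELO string imitates an RBL hit and must not count.
    PFX + "unknown[203.0.113.77]: 554 5.7.1 <b@example.org>: Relay access denied"
        + END + "blocked using zen.spamhaus.org>",
    PFX + "unknown[192.0.2.25]: 450 4.7.1 Client host rejected: cannot find "
          "your hostname, [192.0.2.25]" + END + "relay.example.org>",
]

def offenders(lines, allow=(), threshold=1):
    """Map client IP -> Counter of reasons, for IPs rejected >= threshold times."""
    nets = [ipaddress.ip_network(n) for n in allow]
    hits = {}
    for line in lines:
        m = REJECT_RE.match(line)
        if not m:
            continue
        try:
            ip = ipaddress.ip_address(m.group(1))
        except ValueError:      # bracket held something that is not an address
            continue
        if any(ip in net for net in nets):   # never block our own relays
            continue
        detail = m.group(2).split("; from=<", 1)[0]   # drop the untrusted tail
        for needle, tag in REASONS:
            if needle in detail:
                hits.setdefault(str(ip), Counter())[tag] += 1
                break
    return {ip: c for ip, c in hits.items() if sum(c.values()) >= threshold}

def iptables_rules(ips, chain="SMTP_RBL"):   # chain name is an assumption
    return [["ip6tables" if ":" in ip else "iptables", "-A", chain, "-s", ip,
             "-j", "DROP"] for ip in sorted(ips)]
```

The two hostname checks reply 450 by default, a temporary failure that legitimate but misconfigured servers also trigger, so a threshold above 1 and an allow list are worth setting before any rule is applied.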
