On Tue, Apr 19, 2016, at 07:56 AM, Noel Jones wrote:
> Nothing unusual here...
On Tue, Apr 19, 2016, at 08:01 AM, Bill Cole wrote:
> It's pretty much "business as normal"
Great, that's what I'm looking for -- some confidence that there's NOT a prob
in my config.
That string of "/000" was just not something I had seen or read about yet.
> but the pointless noise can be
> reduced with "postscreen_greet_action = drop"
Yep. NOT doing that since
"
enforce
Allow other tests to complete. Reject attempts to deliver mail with a 550
SMTP reply, and log the helo/sender/recipient information. Repeat this test the
next time the client connects.
drop
Drop the connection immediately with a 521 SMTP reply. Repeat this test the
next time the client connects.
"
and I DO want to log the bad-actor event. At least the initiation of it. So I
chose == enforce here
> and reduced even further
> with something like fail2ban that watches logs and blocks IPs that
> trigger the PREGREET check.
That's what I end up doing. That way I get a log of the 'noisemaker', AND get
rid of the subsequent noise.
Jason
