On 06/08/16 11:34, Jason wrote: > I have Postfix, Dovecot and Amavis on my Ubuntu server. Recently, I get > every 4 minutes a connection from IP 155.133.82.96, which appears to be > Windows XP and maybe has a virus. Anyway, I found the way (after a lot > of Googling) to make my Postfix not delay client access checks and I > reject that IP based on a custom blacklist. However, it stays around for > a while. > > I want to find a more radical way to forcibly disconnect the IP when the > check has finished and the IP hasn't passed it. How can I do that? (I > seek a Postfix solution, not iptables or similar)
This may not work for you, but I reject all incoming mail connections directly from Windows hosts at my firewall. They are overwhelmingly likely to be botnet spam zombies. If it's a legitimate mailserver, it will fall back through my backup MX. If it doesn't, the odds are I didn't want the mail anyway. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485
