But the point is OVH servers have no need to access submission, pop3, or imap. I have reduced the attack surface.
I can receive email from OVH servers since I provide no filtering on port 25 other than a few RBLs. I don't condone filtering port 25. Leave that to the RBLs. But don't get in the RBLs sights by hanging out in a bad neighborhood. This list is supposed to support postfix and this conversation has strayed off that topic, granted partially my fault. My apologies. Original Message From: Dominic Raferd Sent: Wednesday, January 4, 2017 1:21 AM To: li...@lazygranch.com Cc: postfix-users@postfix.org Subject: Re: Rate-limiting access to postfix on the firewall, what are decent numbers (depending on overall traffic)? On 4 January 2017 at 08:53, <li...@lazygranch.com> wrote: > Reread. I don't not block port 25. > > I assure you, OVH has been used for C&C by hackers. Angler comes to mind. > > Original Message > From: Dominic Raferd > Sent: Tuesday, January 3, 2017 11:42 PM > To: postfix-users@postfix.org; li...@lazygranch.com > Subject: Re: Rate-limiting access to postfix on the firewall, what are decent > numbers (depending on overall traffic)? > > On 4 January 2017 at 02:16, < > li...@lazygranch.com> wrote: >> >> http://bgp.he.net/AS16276#_prefixes >> I'd switch to 587 and block everything OVH. Actually I do just that since >> OVH is on my Web Access blocking list, which I also use to block all mail >> ports other than 25. >> >> OVH VPS are often used by hackers. I think they are as low as $3 a month. > > > This is rash; we use OVH and we are not spammers - we need a static ip > (as it is not offered by our ISP) and they provide one at a good > price. You risk blocking genuine emails - this one included (except > you may receive it via the list mailserver). It's the false positive risk. 'Some [vps provider X] servers have been used by hackers' does not mean 'all connections from [vps provider X] servers are attempted hacks'. Of course you are entitled to your own decision.
