On Wed, Aug 18, 2004 at 02:53:40AM +0800, Jason Wong wrote: > If you're running qmail using tcpserver then block it using tcprules. What I > have done is modify my qmail-scanner so that after scanning it checks whether > there was a problem with the mail. Something like this:
Too right. I don't see any point with fiddling around with KERNEL LEVEL things like iptables, when there is an application that can do the same thing for you. In fact, why not "do it right", and instead of blocking them with tcpserver, just let rblsmtpd deal with it. i.e. using whatever your triggering condition is (that sounds like the hardest part to me to get right...), create a local RBL record with a limited lifespan. Then ensure you are using rblsmtpd, and that it points at your local RBL server as one of it's options. The advantage with this approach would be that it would be more scalable (as it's a network call away, you can have >1 server making use of the data). The downside is that may be more complex than you'd like (running your own RBL DNS server). Another option would be to set RBLSMTPD within tcpserver's rules file which makes rblsmtpd set reject messages appropriately. Sees docs for details -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +64 3 9635 377 Fax: +64 3 9635 417 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 ------------------------------------------------------- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 _______________________________________________ Qmail-scanner-general mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general
