My server qpsmtpd log shows connection attempts such as...
2007-02-20 02:32:18.309731500 12667 Accepted connection 0/40 from
125.27.170.170 / Unknown
2007-02-20 02:32:18.309733500 12667 Connection from Unknown
[125.27.170.170]
2007-02-20 02:32:18.309734500 12667 running plugin (connect): peers
2007-02-20 02:32:18.309735500 12667 trying to get config for peers/0
...and I have yet to identify a single connection attempt attributable
to anything other than UCE/spam or worse. In summary I would like
to early block unknowns ie those whose source cannot be located.
I have installed a custom plugin I've called <nounknown>.
It is a direct lift from your forum's plugin <nodialup> -
the latter works very well - the former does not;~/
Would it be permissable to obtain some assistance?
[nounknown]--------------------
sub hook_connect {
my ($self, $transaction) = @_;
my $remote_ip = $self->qp->connection->remote_ip;
my $remote_host = $self->qp->connection->remote_host;
my $reverse_remote_ip = join (".",
reverse(split(/\./,$remote_ip)));
if ($remote_ip eq $remote_host) {
return (DENYSOFT, "Reverse DNS lookup for $remote_ip
failed.");
}
elsif (($remote_host =~ /$reverse_remote_ip/)
|| ($remote_host =~ /\.'Unknown'\./)) {
return (DENY, "Sorry, $remote_host ($remote_ip) seems to
".
"be unidentifiable, your ISP should remedy.");
}
else {
return DECLINED;
}
}
]--------------------[nounknown]
I operate my own server locally (SME Server 7.1/Centos 4)
and have shell access. Its control panel shows these:
qpsmtpd-0.32-3.el4.sme.noarch.rpm
qpsmtpd-plugins-0.0.1-1.el4.sme.noarch.rpm
I am not a programmer/developer more of a capable tweaker.
----best wishes, Robert
