On 2007-02-20 17:04:21 +0000, Robert Harlow wrote: > My server qpsmtpd log shows connection attempts such as... > 2007-02-20 02:32:18.309731500 12667 Accepted connection 0/40 from > 125.27.170.170 / Unknown > 2007-02-20 02:32:18.309733500 12667 Connection from Unknown > [125.27.170.170] > 2007-02-20 02:32:18.309734500 12667 running plugin (connect): peers > 2007-02-20 02:32:18.309735500 12667 trying to get config for peers/0 > ...and I have yet to identify a single connection attempt attributable > to anything other than UCE/spam or worse. In summary I would like > to early block unknowns ie those whose source cannot be located. > > I have installed a custom plugin I've called <nounknown>.
A similar plugin is already in the contrib directory: http://svn.perl.org/viewcvs/qpsmtpd/contrib/hjp/require_resolvable_client/ It's a little bit stricter as it also checks whether the name returned by the reverse lookup resolves to the right IP address. And it can be enabled on a per-user basis, which is a good thing if not all of your users agree that this is a good filter criterion. > I operate my own server locally (SME Server 7.1/Centos 4) > and have shell access. Can SME server use apt repositories? I've packaged most of my plugins (and a few others) into rpms and put them into an apt repository. If it can, you can put something like rpm http://www.hjp.at/apt redhat qpsmtpd rpm-src http://www.hjp.at/apt redhat qpsmtpd in your apt sources list. Otherwise you can download and install the rpms manually. hp -- _ | Peter J. Holzer | I know I'd be respectful of a pirate |_|_) | Sysadmin WSR | with an emu on his shoulder. | | | [EMAIL PROTECTED] | __/ | http://www.hjp.at/ | -- Sam in "Freefall"
signature.asc
Description: Digital signature
