I'm using OpenSMTPD for my mail server which is a pleasure compared to Sendmail. At times in my maillog there are attempts made to relay mail from various IPs. Can I add a rule like the one below to stifle any further attempts from that IP? I realize the IPs may and probably will change, but I'd like to add any extra protection I can. I'm currently blocking IPs from N Korea, China, and certain other countries.
Code:
pass quick proto tcp from any to any port 25 \
flags S/SA keep state \
(max-src-conn 15, max-src-conn-rate 5/3, \
overload <bruteforce> flush global)