|
|
|||
pf and blocking on smtp
I'm using OpenSMTPD for my mail server which is a pleasure compared to Sendmail. At times in my maillog there are attempts made to relay mail from various IPs. Can I add a rule like the one below to stifle any further attempts from that IP? I realize the IPs may and probably will change, but I'd like to add any extra protection I can. I'm currently blocking IPs from N Korea, China, and certain other countries.
Code:
pass quick proto tcp from any to any port 25 \ flags S/SA keep state \ (max-src-conn 15, max-src-conn-rate 5/3, \ overload <bruteforce> flush global) |
|
||||
This will only add IP addresses that match your stateful tracking rule. If the single IP is not flooding your site with new connections, this is unlikely to trip. Have you considered spamd(8)?
|
|
|||
Thanks for the spamd recommendation. It completely slipped my mind although at one time it was on my list to implement.
|
|
|||
Quote:
|
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Postfix and Dovecot SMTP auth configuration hints | J65nko | OpenBSD Packages and Ports | 0 | 5th February 2010 02:53 AM |
SMTP on non-standard port | guitarscn | OpenBSD General | 7 | 19th July 2009 12:54 AM |
Smtp Auth Help needed | roundkat | OpenBSD General | 4 | 8th May 2009 08:25 PM |
pf blocking php mail | ijk | FreeBSD Security | 7 | 30th October 2008 08:33 PM |
PF Blocking | schrodinger | OpenBSD Security | 6 | 6th October 2008 10:33 PM |