also sprach Yaroslav Halchenko <[EMAIL PROTECTED]> [2006.07.11.2133 +0200]: > [Postfix] > enabled = true
Please don't enable it by default. > > Not a bad idea; some thoughts: make sure you include the 5xx in the > > regexp to ensure that clients that legitimately come back don't get > > banned. > Didn't get it -- why ligitimate users will have "Recepient address > rejected" but will not have 5xx code? Local DNS failures and similar stuff, that will make postfix return 4xx instead. > > Also, I'd propose to make any such rules for mail match > > a high number in a small period of time, like say 5 log entries in > > 15 seconds. > any advantage over 5 failures in 5 minutes? to don't ban ligitimate > users abusing the mail server? ;-) I don't think mail server will retry > on "unknown recepient" error from the server, or am I wrong? See above, but if you include 5xx it should be okay. Anyway, still, spammers tend to hammer, so catch them on that. -- Please do not send copies of list mail to me; I read the list! .''`. martin f. krafft <[EMAIL PROTECTED]> : :' : proud Debian developer and author: http://debiansystem.info `. `'` `- Debian - when you have better things to do than fixing a system
signature.asc
Description: Digital signature (GPG/PGP)
