On 01/07/10 18:43, lee wrote:
On Thu, Jul 01, 2010 at 03:58:24PM +0100, Alan Chandler wrote:
first /etc/fail2ban/jail.local to define the jail for exim (as it is
not included as standard in the Debian configuration). This just
required a few simple lines
One downside seems to be that it creates lots of exim processes, and
I am not sure why yet. It may be open connections with dropping
data as a result of the recently added iptables rule
Just to be curious, what is the thinking/idea/advantage behind
disallowing connections by firewall rules instead of denying the
relaying or blacklisting the originating IPs through exims
configuration?
I would like to cause as much disruption to these guys as possible. My
thinking was that an immediate "Relay not permitted" allows them to move
on and try the next one (or worse just repeating with another address on
MY connection - which I have discovered is what they like to do). On the
other hand just dropping the packets means that they have to timeout the
connection before they can move on.
After all, all this bandwidth hitting my connection does make it harder
for people to get a good response from my other services such as my web
site.
I am just a personal individual sitting at the end of my ISP's broadband
connection.
--
Alan Chandler
http://www.chandlerfamily.org.uk
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/4c2cf5ba.5090...@chandlerfamily.org.uk
