From: JunkYardMail1 on 2 Jul 2010 01:42

Is it possible to execute a system command upon the following smtpd client restriction rejections?

smtpd_client_restrictions =
    reject_rbl_client zen.spamhaus.org,
    reject_unknown_reverse_client_hostname,
    reject_unknown_client_hostname

Would like to automate insertion of client IP address into IP Tables firewall rule.

System Command:
/sbin/iptables --table filter --insert <CHAIN> -s <IP Address> -j DROP

Where <CHAIN> is something like SMTP_RBL, SMTP_PTR, or SMTP_Hostname, and <IP Address> is that of the connecting client.

From: "Dudi Goldenberg" on 2 Jul 2010 02:29

>Is it possible to execute a system command upon the following smtpd client
>restriction rejections?
>
>smtpd_client_restrictions =
>reject_rbl_client zen.spamhaus.org,
> reject_unknown_reverse_client_hostname,
> reject_unknown_client_hostname
>
>Would like to automate insertion of client IP address into IP Tables
>firewall rule.

Take a look at fail2ban,
http://www.fail2ban.org/wiki/index.php/Main_Page

D.

From: JunkYardMail1 on 2 Jul 2010 12:16

Already have a home grown log scraper dynamically managing (add/remove) firewall rules and love the results. Not only have bad behaving bots disappeared but there seems to be fewer spam attempts for unique clients as well. Leaving log files much less cluttered and much smaller. When I say disappeared, I mean they don't even bother hitting the firewall anymore. It's a thing of beauty.

Was hoping though that Postfix would have a means of initiating action (a system command) upon client restrictions results. That would be a preferred method rather than periodically scraping logs. I figure if they are just going to get blocked by an RBL anyway, why not stick them in an SMTP_RBL firewall and keep them out of the logs. A thing of beauty.

fail2ban does look like a good tool though. If I didn't already have a home grown solution I would give it a whirl.

--------------------------------------------------
From: "Dudi Goldenberg" <dudi(a)kolcore.com>
Sent: Thursday, July 01, 2010 11:29 PM
To: <JunkYardMail1(a)Verizon.net>; <postfix-users(a)cloud9.net>
Subject: RE: System Command on Client Restriction Rejection

>>Is it possible to execute a system command upon the following smtpd client
>>restriction rejections?
>>
>>smtpd_client_restrictions =
>>reject_rbl_client zen.spamhaus.org,
>> reject_unknown_reverse_client_hostname,
>> reject_unknown_client_hostname
>>
>>Would like to automate insertion of client IP address into IP Tables
>>firewall rule.
>
> Take a look at fail2ban,
> http://www.fail2ban.org/wiki/index.php/Main_Page
>
> D.
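
An added example, not code from anyone in this thread: the log-scraping approach discussed above, mapping the three rejections to the SMTP_RBL, SMTP_PTR and SMTP_Hostname chains and building the iptables arguments from the address Postfix logged. The syslog timestamp format, the reject wording, the sample lines and the NEVER_BLOCK list are assumptions.

```python
import ipaddress
import re

# Assumed: traditional syslog timestamps and typical Postfix reject wording.
LINE = re.compile(r"^\w{3}\s+\d+ [\d:]{8} \S+ postfix/smtpd\[\d+\]: "
                  r"NOQUEUE: reject: \w+ from \S+\[([0-9.]+)\]: (.*)$")
# Reject text -> chain name from the post; "reverse hostname" is tested first.
CHAINS = [("blocked using zen.spamhaus.org", "SMTP_RBL"),
          ("cannot find your reverse hostname", "SMTP_PTR"),
          ("cannot find your hostname", "SMTP_Hostname")]
# Hypothetical never-block list: loopback plus an example local network.
NEVER_BLOCK = [ipaddress.ip_network(n) for n in ("127.0.0.0/8", "198.51.100.0/24")]

def classify(line):
    """Return (chain, ip) for a matching reject line, else None."""
    m = LINE.match(line)
    if not m:
        return None
    try:
        ip = ipaddress.IPv4Address(m.group(1))  # only the address Postfix logged
    except ValueError:
        return None
    if any(ip in net for net in NEVER_BLOCK):
        return None
    # Drop the client-supplied from=/to=/helo= fields before matching.
    reason = m.group(2).split("; from=<", 1)[0]
    for text, chain in CHAINS:
        if text in reason:
            return chain, str(ip)
    return None

def plan(lines):
    """One iptables argv list per new (chain, ip); suitable for subprocess.run."""
    seen, cmds = set(), []
    for line in lines:
        hit = classify(line)
        if hit and hit not in seen:
            seen.add(hit)
            cmds.append(["/sbin/iptables", "--table", "filter",
                         "--insert", hit[0], "-s", hit[1], "-j", "DROP"])
    return cmds

def sample(ip, reason, helo="x"):
    """Constructed log line using documentation address ranges."""
    return ("Jul  2 01:40:12 mail postfix/smtpd[1234]: NOQUEUE: reject: RCPT from "
            f"unknown[{ip}]: {reason}, [{ip}]; from=<a@example.org> helo=<{helo}>")

SAMPLE = [sample("192.0.2.10", "554 5.7.1 blocked using zen.spamhaus.org"),
          sample("203.0.113.7", "450 4.7.1 cannot find your reverse hostname"),
          sample("192.0.2.44", "450 4.7.1 cannot find your hostname",
                 helo="blocked using zen.spamhaus.org"),
          sample("192.0.2.10", "554 5.7.1 blocked using zen.spamhaus.org"),
          sample("198.51.100.5", "450 4.7.1 cannot find your hostname")]
```

Passing each returned list to `subprocess.run` without a shell keeps log content out of any command line parsing; the chains themselves must already exist.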