Date: Tue, 21 Dec 2004 08:40:42 +0800 From: Ladislav Bodnar <distro.watch@msa.hinet.net> To: freebsd-pf@freebsd.org Subject: Re: Can pf block illegal relay access attempts? Message-ID: <200412210840.42375.distro.watch@msa.hinet.net> In-Reply-To: <20041217061437.GA5119@kt-is.co.kr> References: <200412171356.34608.distro.watch@msa.hinet.net> <20041217061437.GA5119@kt-is.co.kr>
next in thread | previous in thread | raw e-mail | index | archive | help
On Friday 17 December 2004 14:14, Pyun YongHyeon wrote: > On Fri, Dec 17, 2004 at 01:56:34PM +0800, Ladislav Bodnar wrote: > > Hi, > > > > Over the last 7 days my Postfix mail server received almost 80,000 > > requests to relay mail to a third destination. Since it is not an open > > relay, it rejected all these requests, but it is still annoying to see > > this happening. The requests came from varying (almost 20,000 > > different) IP addresses, but they had one thing in common - the > > destination address was always "$some-user-name"@infomagic.com. > > > > Is there a way to prevent these attempts to access the mail server at > > all? I only started using pf recently, so I still have a lot to learn, > > but I would appreciate any advice. Or is pf not the right tool for > > this? > > Try spamd in ports/mail. Thank you for your suggestion. I investigated spamd and found out that it blocks connections based on IP address only. Unfortunately, I generated almost 20,000 different IP addresses over the last 7 days, so I don't think the IP addresses I would block are valid. I am looking for a solution where a connection is refused based on the recipient's email address (which is always @infomagic.com). Basically I am wondering if pf can refused a connection based on some other criteria than IP address. Thanks a lot.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200412210840.42375.distro.watch>