Bocking IP's rather than Email domains
craigwhite at azapple.com
Sat Feb 18 02:05:29 UTC 2006
On Fri, 2006-02-17 at 20:54 -0500, CodeHeads wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> Hello all,
> Have a question:
> Would it be better to block IP's instead of domains for an email server?
> I guess would be that the person can change the domain in their reply
> email address, so blocking IP ranges would be better, wouldn't it??
> IP range = 18.104.22.168 - 22.214.171.124 (Actual spammer IP)
> Wouldn't be better to place the IP's in iptables?? Or would another option
> be better?
> I hope this was not discussed at a later date. Just curious on what the IT
> fields thinks of this. :)
Sure - use a hammer when the task at hand calls for a screwdriver. It's
your mail server so use the hammer if that pleases you. That won't
however stop the next ip range from sending you spam.
Configure the mail server properly...
MTA with good RBL settings
wrapper program [MailScanner | Mime-Defang | Amavisd-new]
wrapper to control spamassassin & anti-virus (i.e. clamav)
spam would be minimal
fwiw, I would recommend postfix/mailscanner/clamav/postgrey but other
qualified opinions would recommend other things
More information about the users