[Greylist-users] Blacklisting an IP - outside of Greylist

Chuck Amadi chuck.amadi at rokcorp.com
Wed Mar 28 07:40:28 PDT 2007

Dennis Wynne wrote:
> We have one IP that is really hitting on us, the blocked count in the 
> greylist database shows 32,552 blocks since I blacklisted them.
> One message snuck through this morning, they hit us so often that during the 
> time the daily stop/start of the script was going on the message snuck 
> through.
> To avoid having to look this number up over and over in the database all day 
> and have any mail sneak by in case the script is down for any reason, I want 
> to block this IP at the earliest or best spot (lease overhead for my system) 
> that I can.
> Thoughts:
> 1) I can put it in the access sendmail "database" with an entry like:
> Connect:           REJECT
> 2) I can add them to the iptables "firewall" with something like this:
> -A RH-Firewall-1-INPUT -d -j REJECT
> 3) I could get them listed on one of the real-time black lists I use - they 
> currently are not listed. This seems the least sure and still has high 
> overhead, I would think.
> Any other options?
> Thanks!
> Dennis
> _______________________________________________
> Greylist-users mailing list
> Greylist-users at lists.puremagic.com
> http://lists.puremagic.com/cgi-bin/mailman/listinfo/greylist-users

Just to confirm my iptable chain rule to drop a ip address anywhere is 

On the CLI I run.
iptables -A INPUT -s  -p TCP -j DROP
iptables -L

I hope this helps.

Chuck Amadi
ROK Corporation Limited
Dyffryn Business Park,
Llantwit Major Road,
Vale Of Glamorgan.
CF71 7PY
Tel: 01446 795 839
Fax: 01446 794 994
International Tel:   +44 1446 795 839

email: chuck.amadi at rokcorp.com

This email is confidential to the addressee only. If you do not believe
that you are the intended recipient, do not pass it on or copy it in any
way. Please delete it immediately.

More information about the Greylist-users mailing list