[Greylist-users] Blacklisting an IP - outside of Greylist

[Andrew Birch]

Dennis,  I'd change the -d to -s on option 2, and then probably select
option 1 as it is slightly neater - keep the mail stuff in one place.

Just my tuppence...
Andrew.

-----Original Message-----
From: greylist-users-bounces at lists.puremagic.com
[mailto:greylist-users-bounces at lists.puremagic.com] On Behalf Of Dennis
Wynne
Sent: Thursday, 29 March 2007 12:02 AM
To: Greylisting Users and Developers Discuss
Subject: [Greylist-users] Blacklisting an IP - outside of Greylist

We have one IP that is really hitting on us, the blocked count in the 
greylist database shows 32,552 blocks since I blacklisted them.

One message snuck through this morning, they hit us so often that during the

time the daily stop/start of the script was going on the message snuck 
through.

To avoid having to look this number up over and over in the database all day

and have any mail sneak by in case the script is down for any reason, I want

to block this IP at the earliest or best spot (lease overhead for my system)

that I can.

Thoughts:

1) I can put it in the access sendmail "database" with an entry like:

Connect:1.1.1.1           REJECT


2) I can add them to the iptables "firewall" with something like this:

-A RH-Firewall-1-INPUT -d 1.1.1.1 -j REJECT


3) I could get them listed on one of the real-time black lists I use - they 
currently are not listed. This seems the least sure and still has high 
overhead, I would think.


Any other options?

Thanks!
Dennis




_______________________________________________
Greylist-users mailing list
Greylist-users at lists.puremagic.com
http://lists.puremagic.com/cgi-bin/mailman/listinfo/greylist-users