[Dshield] Blocking Country Access

Tony Earnshaw tonni at hetnet.nl
Thu Feb 22 02:31:51 GMT 2007


Dave Hatz wrote, on 21. feb 2007 22:48:

> Can u provide a little information on "blocking at the MTA level".  

MTA is Postfix 2.3. A cidr subnet block, e.g., from 
/etc/postfix/maps/cidr_reject (sorry for any folding, these are discrete 
lines):

# Ya.com Internet Factory Albasanz, 16 Planta 4 28037 Madrid ES
62.151.0.0/17           REJECT Client subnet access denied
84.76.0.0/15            REJECT Client subnet access denied
84.77.32.0/19           REJECT Client subnet access denied
89.128.0.0/15           REJECT Client subnet access denied

The block obviously applies to any (open) port an smtpd listener is 
running on, 25, 465 or 587 in our case.

--Tonni

-- 
Tony Earnshaw
Email: tonni at hetnet dot nl


More information about the list mailing list