[PLUG] Blocking e-mail by IP (was Fwd: NEW WORM - Friendgreetings.com mass E-mailer)
Ed Sawicki
ed at alcpress.com
Sun Oct 27 22:44:11 UTC 2002
On Fri, 2002-10-25 at 14:42, Rich Shepard wrote:
> On Fri, 25 Oct 2002, Bill Thoen wrote:
>
> > If I wanted to block all messages coming from 66.172.0.0 to
> > 66.172.63.255 in my /etc/mail/access file without blocking
> > 66.172.64.0 to 66.172.255.255, how would I do it? Adding just
> > 66.172 blocks too much, but I don't want add lots of individual
> > IPs either. Is there an allow/deny scheme for filter e-mail with
> > the access file?
>
> Thar ain't no shortcut, unfortunately. The MTAs don't read CIDR addresses
> so you need to list each one; e.g.:
>
> 66.172.0 550 Whatever
> 66.172.1 550 Whatever
> 66.172.2 ...
> ...
> 66.172.63 550 Whatever
>
> Rich
The Postfix Per User patch allows CIDR notation but it is
not well documented. Another solution is to put CIDR addresses
in Bernstein's RBL server and point Postfix to the server. The
latter approach is what I use with escrubber.biz.
Ed
More information about the PLUG
mailing list