IP drop list

Oliver Welter mail at oliwel.de
Wed Mar 4 20:37:16 UTC 2015


Am 04.03.2015 um 21:03 schrieb Dave McGuire:
> On 03/04/2015 02:12 PM, Michael Orlitzky wrote:
>>> I would like to reiterate Reindl Harald's point above, since subsequent
>>> discussion has gotten away from it. If Dovecot had DNS RBL support
>>> similar to Postfix, I think quite a few people would use it, and thereby
>>> defeat the scanners far more effectively than any other method. It is
>>> good that other people are suggesting things that will work today, but
>>> in terms of what new feature would be the best solution, I can't think
>>> of one better than a DNS RBL.
>>
>> Please add this support to iptables instead of Dovecot. It's a waste of
>> effort to code it into every application that listens on the network.
>
>    <head explodes>
>
>    Would you care to integrate it into IOS on my Cisco as well?
>
>    There are things connected to the Internet that aren't PCs running
> Linux, you know.  It may be hard to accept, but that's the way it is.
>
I assume your dovecot runs on some kind of *nix so there should be some 
sort of netfilter available which you can put in front of your listening 
ports.

It might be also an option to create some kind of "hooks" in dovecot 
that can be used to connect to a DNSBL checker - so configuration can 
happen outside of dovecot.

Oliver

-- 
Protect your environment -  close windows and adopt a penguin!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4074 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20150304/30d8cefc/attachment.p7s>


More information about the dovecot mailing list