IP drop list
Dave McGuire
mcguire at neurotica.com
Wed Mar 4 20:45:45 UTC 2015
On 03/04/2015 03:37 PM, Oliver Welter wrote:
>>>> I would like to reiterate Reindl Harald's point above, since subsequent
>>>> discussion has gotten away from it. If Dovecot had DNS RBL support
>>>> similar to Postfix, I think quite a few people would use it, and
>>>> thereby
>>>> defeat the scanners far more effectively than any other method. It is
>>>> good that other people are suggesting things that will work today, but
>>>> in terms of what new feature would be the best solution, I can't think
>>>> of one better than a DNS RBL.
>>>
>>> Please add this support to iptables instead of Dovecot. It's a waste of
>>> effort to code it into every application that listens on the network.
>>
>> <head explodes>
>>
>> Would you care to integrate it into IOS on my Cisco as well?
>>
>> There are things connected to the Internet that aren't PCs running
>> Linux, you know. It may be hard to accept, but that's the way it is.
>>
> I assume your dovecot runs on some kind of *nix
Of course. I run it under Solaris.
> so there should be some
> sort of netfilter available which you can put in front of your listening
> ports.
There is. But I already have a firewall, running on bulletproof
hardware that doesn't depend on spinning disks. I don't want to add
ANOTHER firewall when I already have a perfectly good one. Besides, my
mail server is built for...serving mail. Not being a firewall.
-Dave
--
Dave McGuire, AK4HZ/3
New Kensington, PA
More information about the dovecot
mailing list