Jerry Geis a écrit :
I was getting MANY emails from XXX.hinet.net - kind of filled my mqueue directory. I stopped sendmail. removed all the files in mqueue, added to sendmail access a REJECT for hinet.net This certainly seems to help - but is that the correct way to take care of this sort of thing?
you can reject clients whose name ends in
.dynamic.hinet.net .HINET-IP.hinet.net
but that won't stop the noise.
I prefer firewalling them:
$ cat /etc/fw.nosmtp ## hinet.net junk sources #59.112.0.0 - 59.127.255.255 59.112.0.0/12 #61.220.0.0 - 61.231.255.255 61.220.0.0/14 61.224.0.0/14 61.228.0.0/14 #111.240.0.0 - 111.255.255.255 111.240.0.0/12 #114.32.0.0 - 114.47.255.255 114.32.0.0/12 #118.160.0.0 - 118.167.255.255 118.160.0.0/13 #118.168.0.0 - 118.171.255.255 118.168.0.0/14 #122.120.0.0 - 122.127.255.255 122.120.0.0/13 #218.160.0.0 - 218.175.255.255 218.160.0.0/12 #220.128.0.0 - 220.143.255.255 220.128.0.0/12
then
smtp="-p tcp --dport 25" grep -v "^#" /etc/fw.nosmtp | while read _subnet _anything; do if [ ! -z ${_subnet} ]; then iptables -A INPUT -s ${_subnet} ${smtp} DROP fi done