
Email Greylisting

First, for the uninitiated, click here to learn about email greylisting.

When email admins talk about greylisting, one of the benefits they normally point to is reduced load on the email server itself, but they fail to mention supporting systems. I did notice a decrease in mail processing load there, as well as on my database server.

Keep in mind this is NOT a busy email server. It’s only hosting a couple of TLDs.

I noticed an immediate improvement after restarting mail services (I did not reboot the server).

Block Incoming IP Using dd-wrt (iptables)

While reviewing logs on the email server I noticed 112.121.136.26 trying to authenticate via SASL.
This is not a normal IP that would be relaying email through the server, so I decided to block it at the firewall.
Undoubtedly, someone was trying to relay spam, whether they were aware or not.

First, I logged into my firewall via ssh to get a rule in place immediately:

iptables -I CHAIN -s 112.121.136.26 -j DROP

Listing the rules:

iptables -L --line-number

1 DROP 0 -- ppp-112.121.136.26.revip.proen.co.th anywhere

This shows the new rule at the top of the chain, exactly where I need it.
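
The log review and block above can be scripted. This is an added example, not code from the original post: it assumes Postfix-style `SASL ... authentication failed` log lines (a constructed sample is embedded) and uses the hypothetical function names `sasl_offenders` and `block_rules`. It prints rules for review rather than applying them.

```shell
#!/bin/sh
# Added example (not from the original post). Assumes Postfix-style log lines.

# Constructed sample log. 112.121.136.26 is the address from the post;
# 203.0.113.9 is a documentation-range address standing in for a real user.
SAMPLE_LOG='Jan 10 03:12:01 mail postfix/smtpd[2101]: warning: unknown[112.121.136.26]: SASL LOGIN authentication failed: authentication failure
Jan 10 03:12:04 mail postfix/smtpd[2101]: warning: unknown[112.121.136.26]: SASL LOGIN authentication failed: authentication failure
Jan 10 03:12:09 mail postfix/smtpd[2104]: warning: unknown[112.121.136.26]: SASL PLAIN authentication failed: authentication failure
Jan 10 03:12:15 mail postfix/smtpd[2104]: warning: unknown[112.121.136.26]: SASL LOGIN authentication failed: authentication failure
Jan 10 08:40:22 mail postfix/smtpd[2290]: warning: host.example[203.0.113.9]: SASL PLAIN authentication failed: authentication failure
Jan 10 08:40:41 mail postfix/smtpd[2290]: connect from host.example[203.0.113.9]'

# sasl_offenders MIN: read a mail log on stdin and print "count ip" for each
# IPv4 source with at least MIN failed SASL logins, busiest first.
sasl_offenders() {
    awk -v min="$1" '
        /SASL [A-Z0-9-]+ authentication failed/ {
            # Accept only a dotted quad inside [...]. The name in front of it
            # comes from reverse DNS, which the remote side controls.
            if (match($0, /\[[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\]/)) {
                hits[substr($0, RSTART + 1, RLENGTH - 2)]++
            }
        }
        END { for (ip in hits) if (hits[ip] >= min) print hits[ip], ip }
    ' | sort -k1,1nr -k2,2
}

# block_rules CHAIN: turn "count ip" lines into iptables commands to review.
# CHAIN is the placeholder used in the post; substitute the chain that
# carries SMTP traffic on your firewall.
block_rules() {
    while read -r _count ip; do
        printf 'iptables -I %s -s %s -j DROP\n' "$1" "$ip"
    done
}

# One typo from a real user stays below the threshold of 3 and is not blocked.
printf '%s\n' "$SAMPLE_LOG" | sasl_offenders 3 | block_rules CHAIN
```

Listing with `iptables -L -n --line-numbers` shows the raw address instead of the reverse-DNS name seen in the output above.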