Suitable port mail reject repeaters

Wesley Shields wxs at
Thu Oct 4 13:33:51 PDT 2007

On Thu, Oct 04, 2007 at 10:12:31AM -0700, David Southwell wrote:
> Hi 
> There have been numerous attempts on one server resulting in entries of the 
> following type in the log:( [xxxx] is a domain for which we receive mail).)
> Oct ?3 07:05:39 dns1 postfix/smtpd[93611]: connect from 
> Oct ?3 07:05:40 dns1 postfix/smtpd[93611]: NOQUEUE: reject: RCPT from 
>[]: 450 4.1.1 <Novitsky@[xxxxx]>: Recipient 
> address rejected: User unknown in virtual alias table; from=<> 
> to=<Novitsky@[xxxxx].com> proto=ESMTP helo=<FRODO.DOLBEY.priv>
> Oct ?3 07:05:40 dns1 postfix/smtpd[93611]: disconnect from 
> Where clearly the remote server is hoping to find we are either open to 
> relaying messages or probing to find email addresses we will accept.
> users with names that do not exist in the virtual alias table are being 
> rejected. However the same group of servers seem to keep on repeated failed 
> attempts.
> What I would like to do is after receiving a number of attempts from a such a 
> remote server to automatically refuse connections and reduce the log load. I 
> believe there is a tool for doing that (say after a remote server has a 
> speciofied number of failed attempts). I am sure there is a port that does 
> this but cannot find it!!

I prefer grok (sysutils/grok) for automated tasks of this type.  It's
_extremely_ powerful and flexible (as opposed to solutions of this type
which work only for a given service, usually ssh).

-- WXS

More information about the freebsd-ports mailing list