RE: Rules For MailServer

> Yes, using RBLSMTPD there are zen, spamcop & another 2
> RBL sites I have configured. Even though lots
> of unwanted connections are established...

Yes, well, you can rate-limit smtp connections, but since you probably can't
know where legitimate email comes from, you'll also be limiting legitimate
connections. However, maybe Qmail can rate-limit smtp connections too in a
nicer way (I don't know Qmail, but I know that Postfix has a "stress" config
these days).

You can try using the limit match:
$ipt -A INPUT -i eth1 -m state --state NEW -p tcp --dport 25 \
  -m limit --limit 1/second -j ACCEPT
$ipt -A INPUT -i eth1 -m state --state NEW -p tcp --dport 25 \
  -j REJECT

Or using the connlimit match:
$ipt -A INPUT -i eth1 -m state --state NEW -p tcp --dport 25 \
  -m connlimit --connlimit-above 2 -j REJECT

They do different things, but one of them may be useful for you.
See "man iptables".


Grts,
Rob

-- 
Disclaimer:
Any errors in spelling, tact or fact are transmission errors.
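
The difference between the two matches suggested in the message above, as an added example that is not part of the original post: a simplified Python model (not the kernel's implementation) of the shared token bucket behind "-m limit --limit 1/second" (with iptables' default burst of 5) and the per-source count behind "-m connlimit --connlimit-above 2". The addresses, timings and function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample: (time_ms, source, duration_ms). One noisy source opens 20
# connections in 2 s and holds them; one legitimate source opens 2.
SAMPLE = sorted(
    [(t, "203.0.113.9", 30_000) for t in range(0, 2000, 100)]
    + [(1050, "198.51.100.7", 5_000), (1950, "198.51.100.7", 5_000)]
)

def limit_model(events, per_second=1, burst=5):
    """'-m limit' ACCEPT rule followed by REJECT: one bucket shared by all sources."""
    credit, last = burst * 1000, 0   # milli-tokens; bucket starts full
    accepted = defaultdict(int)
    for t, src, _dur in events:
        credit = min(burst * 1000, credit + (t - last) * per_second)
        last = t
        if credit >= 1000:           # match -> ACCEPT consumes one token
            credit -= 1000
            accepted[src] += 1
        # no token left: packet falls through to the REJECT rule
    return dict(accepted)

def connlimit_model(events, above=2):
    """'-m connlimit --connlimit-above N -j REJECT': counted per source address."""
    open_until = defaultdict(list)   # source -> end times of tracked connections
    accepted = defaultdict(int)
    for t, src, dur in events:
        open_until[src] = [end for end in open_until[src] if end > t]
        if len(open_until[src]) + 1 > above:   # the new connection counts too
            continue                           # REJECT
        open_until[src].append(t + dur)
        accepted[src] += 1
    return dict(accepted)

if __name__ == "__main__":
    print("limit    :", limit_model(SAMPLE))
    print("connlimit:", connlimit_model(SAMPLE))
```

In this sample the shared bucket is drained by the noisy source, so the legitimate sender gets nothing through, while connlimit caps each address separately but does not slow a source that opens short connections one after another.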

