projects
/
mirror
/
dsa-puppet.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
f5bdff6
)
netfilter DROP traffic from some mail abusers
author
Peter Palfrader
<peter@palfrader.org>
Wed, 10 Oct 2018 08:15:41 +0000
(10:15 +0200)
committer
Peter Palfrader
<peter@palfrader.org>
Wed, 10 Oct 2018 08:15:41 +0000
(10:15 +0200)
modules/exim/manifests/mx.pp
patch
|
blob
|
history
diff --git
a/modules/exim/manifests/mx.pp
b/modules/exim/manifests/mx.pp
index
cddf405
..
dce0358
100644
(file)
--- a/
modules/exim/manifests/mx.pp
+++ b/
modules/exim/manifests/mx.pp
@@
-13,6
+13,16
@@
class exim::mx inherits exim {
notify => Service['exim4'],
}
+ # 20181010 many connections:
+ # 188.165.219.27
+ # 125.72.232.*
+ # 140.224.61.*
+ # 117.24.38.*
+ @ferm::rule { 'dsa-mail-abusers':
+ prio => "000",
+ rule => "saddr (188.165.219.27 125.72.232.0/24 140.224.61.0/24 117.24.38.0/24) DROP",
+ }
+
# MXs used as smarthosts
@ferm::rule { 'dsa-exim-submission':
description => 'Allow SMTP',