mmx
Verified User
For the past few days, I have been getting these entries in my exim mainlog:
2005-06-20 01:32:36 H=dsl-218.rpt.pmt.org (mydomain.com) [216.83.68.218] F=<[email protected]> rejected RCPT <[email protected]>:
2005-06-20 01:32:36 H=dsl-218.rpt.pmt.org (mydomain.com) [216.83.68.218] incomplete transaction (connection lost) from <[email protected]>
...
He keeps using different usernames for the emails (probably reading from a dictionary file?). I have no idea what he's trying to do, but it's filling up my logs with crap. Is there any way to block this IP? I'm using FreeBSD 5.4; which firewall do you guys recommend for me to use? Thanks.
2005-06-20 01:32:36 H=dsl-218.rpt.pmt.org (mydomain.com) [216.83.68.218] F=<[email protected]> rejected RCPT <[email protected]>:
2005-06-20 01:32:36 H=dsl-218.rpt.pmt.org (mydomain.com) [216.83.68.218] incomplete transaction (connection lost) from <[email protected]>
...
He keeps using different usernames for the emails (probably reading from a dictionary file?). I have no idea what he's trying to do, but it's filling up my logs with crap. Is there any way to block this IP? I'm using FreeBSD 5.4; which firewall do you guys recommend for me to use? Thanks.
