From owner-freebsd-pf@FreeBSD.ORG  Fri Dec 17 06:14:47 2004
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
Delivered-To: freebsd-pf@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id B3DC616A4CE
	for <freebsd-pf@freebsd.org>; Fri, 17 Dec 2004 06:14:47 +0000 (GMT)
Received: from ns.kt-is.co.kr (ns.kt-is.co.kr [211.218.149.125])
	by mx1.FreeBSD.org (Postfix) with ESMTP id E2FD043D54
	for <freebsd-pf@freebsd.org>; Fri, 17 Dec 2004 06:14:46 +0000 (GMT)
	(envelope-from yongari@kt-is.co.kr)
Received: from michelle.kt-is.co.kr (ns2.kt-is.co.kr [220.76.118.193])
	(authenticated bits=128)
	by ns.kt-is.co.kr (8.12.10/8.12.10) with ESMTP id iBH69sAh016394
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL);
	Fri, 17 Dec 2004 15:09:54 +0900 (KST)
Received: from michelle.kt-is.co.kr (localhost.kt-is.co.kr [127.0.0.1])
	by michelle.kt-is.co.kr (8.13.1/8.13.1) with ESMTP id iBH6EiNV005342
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
	Fri, 17 Dec 2004 15:14:44 +0900 (KST)
	(envelope-from yongari@kt-is.co.kr)
Received: (from yongari@localhost)
	by michelle.kt-is.co.kr (8.13.1/8.13.1/Submit) id iBH6EcKZ005341;
	Fri, 17 Dec 2004 15:14:38 +0900 (KST)
	(envelope-from yongari@kt-is.co.kr)
Date: Fri, 17 Dec 2004 15:14:38 +0900
From: Pyun YongHyeon <yongari@kt-is.co.kr>
To: Ladislav Bodnar <distro.watch@msa.hinet.net>
Message-ID: <20041217061437.GA5119@kt-is.co.kr>
References: <200412171356.34608.distro.watch@msa.hinet.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200412171356.34608.distro.watch@msa.hinet.net>
User-Agent: Mutt/1.4.2.1i
X-Filter-Version: 1.11a (ns.kt-is.co.kr)
cc: freebsd-pf@freebsd.org
Subject: Re: Can pf block illegal relay access attempts?
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: yongari@kt-is.co.kr
List-Id: Technical discussion and general questions about packet filter (pf)
	<freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Dec 2004 06:14:47 -0000

On Fri, Dec 17, 2004 at 01:56:34PM +0800, Ladislav Bodnar wrote:
 > Hi,
 > 
 > Over the last 7 days my Postfix mail server received almost 80,000 requests 
 > to relay mail to a third destination. Since it is not an open relay, it 
 > rejected all these requests, but it is still annoying to see this 
 > happening. The requests came from varying (almost 20,000 different) IP 
 > addresses, but they had one thing in common - the destination address was 
 > always "$some-user-name"@infomagic.com.
 > 
 > Is there a way to prevent these attempts to access the mail server at all? I 
 > only started using pf recently, so I still have a lot to learn, but I would 
 > appreciate any advice. Or is pf not the right tool for this?
 > 

Try spamd in ports/mail.

 > Thanks a lot for your help.

-- 
Regards,
Pyun YongHyeon
http://www.kr.freebsd.org/~yongari	|	yongari@freebsd.org