[wplug] Since we're talking iptables...

[Brandon Kuczenski]

I just checked my root mailbox (probably should get that Logwatch stuff 
forwarded) and found a veritable cow's ass full of Postmaster 
notifications for rejected forwarding of mail.

I am running a relay/Backup-MX for a friend of mine, and all of these 
emails were directed to nonexistent users in his various domains.

I created a new IP Table to DROP smtp requests from the four IP 
addresses that accounted for probably 85% of the emails; but I was 
wondering if there was a 'more right' way to do that.

Also, does this indicate some kind of relaying hole in my configuration?  
I was led to believe that, since mail relays have to be public knowledge 
(so that mailers can route mail to the alternate MX) there's nothing you 
can do about it.  But I could be misinformed.

The MTA is Sendmail, latest version as of November (8-12-10, I think).

-Brandon

P.S. the IP addresses were:
203.45.211.47
203.45.213.190
203.45.212.37
65.103.49.34