-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi Bill, sorry to hear about your troubles.
On 2/9/2014 11:54, William Lewis wrote:
At first, I set up a log book scan script to look for bad logins, and then ban the IP address, but then I found out that since my 44.2.14.1 ip address goes "around" my firewall via UCSD, the block rules literally have zero effect.
Don't know if this will help, but this is one major reason that a number of years ago I opted to do all my IPIP routing via the Linux kernel and no longer in *NOS. It has more advanced routing capability, and can filter / NAT / etc. everything going into or out of those tunnels (as well as all other traffic). Then, as others have said, if it's SMTP traffic bound for the BBS and it's not coming from a net-44 address, it *must* hit my Postfix gateway. NOS also is configured with access rules to deny all non-44 SMTP packets in order to help enforce that policy.
Hope you get it nailed down!
73,
Brett