After detecting spammers with an RBL list you can block them for a predefined period of time with the help of fail2ban. How does it work:
– fail2ban parses mail.log
– when a spammer IP is found it is added to a temporary list
– future requests from the spammer’s IP is blocked
- Check smtpd_recipient_restrictions in /etc/postfix/main.cf
- Double-check that you are NOT using google DNS (aka 8.8.8.8)
- Add to /etc/fail2ban/jail.local
- Create /etc/fail2ban/
- Restart fail2ban and test config
Similar readings:
Adaptive DDOS IDS firewall