|
Looks OK (of course, I prefer the MailScanner solution). You should put the dictionary attack stuff from my ACL at the top of the middle box, just after:
accept hosts = :
There's no point in going through the overhead of RBL lookups if you're going to deny the connection anyway because of a RCPT check failure, which is much quicker.
__________________
Jonathan Michaelson
cPanel Forum Moderator
Need your cPanel servers secured and tuned?
cPanel Server Configuration, Security, Recovery and Antivirus/AntiSpam Services
Developers of the most effective (and free) Firewall & Security Solution for cPanel Servers - csf
http://www.configserver.com
|