The problem is that the add-dst-to-address-list - rule get triggered before the dst-limit rule above. One minute later the count on the dst-limit rule starts to rise to exactly the value of the add-dst-to-address-list - rule.
Code: Select all
add chain=forward action=drop src-address-list=mail_blacklist add chain=forward content="-ERR Authentication" dst-limit=1/1m,3,dst-address/1m protocol=tcp src-port=110 add chain=forward content="-ERR Authentication" action=add-dst-to-address-list address-list=mail_blacklist address-list-timeout=1w log=yes log-prefix=block_pop3 protocol=tcp src-port=110
Any ideas what could be wrong here? Is dst-limit or rule order broken in v6.31?
Is there a better solution as found in the wiki?