Re: Need help dealing with distributed dictionary attack.

From: Wietse Venema (wietseporcupine.org)
Date: Mon Aug 02 2004 - 21:38:37 CDT


Jefferson Cowart:
> I'm pretty sure this is not back scatter based on the e-mail addresses that
> it is trying to send to. Each message is trying to go to multiple recipients
> that have never existed in my domain. Additionally they seem to be in
> alphabetical order. For instance:
>
> Out: 220 P133.internal.westcott-lahar.net ESMTP mail.westcott-lahar.net
> In: HELO cowart.net
> Out: 250 P133.internal.westcott-lahar.net
> In: MAIL FROM:<luiz.figueiraspbol.com.br>
> Out: 250 Ok
> In: RCPT TO:<dlittlecowart.net>
> Out: 554 <cowart.net>: Helo command rejected: Access denied
> In: RCPT TO:<dlkcowart.net>
> Out: 554 <cowart.net>: Helo command rejected: Access denied
> In: RCPT TO:<dlkellycowart.net>
> Out: 554 <cowart.net>: Helo command rejected: Access denied

In that case it helps to

smtpd_error_sleep_time = 0
smtpd_hard_error_limit = 1

        Wietse
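
The pattern described in the quoted report (several rejected recipients in one session, in alphabetical order) can be checked mechanically. The following is an added example, not part of either message in this thread: it parses a transcript in the same "In:/Out:" layout and flags such sessions. The sample transcript, the function names and the `min_rejects` threshold are assumptions made for illustration.

```python
import re

# Constructed sample in the "In:/Out:" transcript layout quoted above
# (addresses and hostnames are made up for this example).
SAMPLE = """\
Out: 220 mx.example.net ESMTP
In: HELO example.org
Out: 250 mx.example.net
In: MAIL FROM:<sender@example.com>
Out: 250 Ok
In: RCPT TO:<dlittle@example.org>
Out: 554 <example.org>: Helo command rejected: Access denied
In: RCPT TO:<dlk@example.org>
Out: 554 <example.org>: Helo command rejected: Access denied
In: RCPT TO:<dlkelly@example.org>
Out: 554 <example.org>: Helo command rejected: Access denied
"""

RCPT = re.compile(r"^In:\s+RCPT TO:\s*<([^>]*)>", re.IGNORECASE)
REPLY = re.compile(r"^Out:\s+(\d{3})[ -]")


def rejected_recipients(transcript):
    """Return local parts of RCPT TO addresses that drew a 4xx/5xx reply."""
    rejected, pending = [], None
    for line in transcript.splitlines():
        line = line.strip()
        m = RCPT.match(line)
        if m:
            pending = m.group(1)  # remember the address until the reply arrives
            continue
        r = REPLY.match(line)
        if r and pending is not None:
            if r.group(1)[0] in "45":  # temporary or permanent rejection
                rejected.append(pending.split("@")[0].lower())
            pending = None
    return rejected


def looks_like_dictionary_probe(transcript, min_rejects=3):
    """Flag a session with several rejected recipients in sorted order."""
    names = rejected_recipients(transcript)
    return len(names) >= min_rejects and names == sorted(names)


if __name__ == "__main__":
    print(rejected_recipients(SAMPLE), looks_like_dictionary_probe(SAMPLE))
```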