Re: A different kind of attack/probe, how can postfix defend against it?

From: John Beaver (junkleaveittobeaver.net)
Date: Thu Aug 09 2007 - 12:19:23 CDT


Justin Piszcz wrote:
> Recently, I saw this in my logs:
>
> With iptables I guess I could specify something to block port 25 if it
> gets hit too many times from _ANY_ ip but that would block legitimate
> mail; however, it seems as if it is the only or best option?
>
> Aug 9 12:47:19 l2 postfix/smtpd[12676]: connect from
> mx181.populationarea.com[69.31.50.181]
> Aug 9 12:47:24 l2 postfix/smtpd[12676]: disconnect from
> mx181.populationarea.com[69.31.50.181]
> Aug 9 12:47:26 l2 postfix/smtpd[12676]: connect from
> mx190.webcastersradio.com[69.31.50.190]

You could try using the anvil feature, if you're not already.

From a firewall perspective, I use pf, which has a max connection feature
to block dynamically. Not sure if iptables has the same functionality.

John Beaver
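
The quoted log shows back-to-back connects from two different addresses in 69.31.50.x, so a counter keyed on a single address sees each sender only once. The following sketch is an added example, not part of the original post: it counts smtpd connects per network prefix in a sliding window. The function name, thresholds, year and sample lines are assumptions made for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta
from ipaddress import ip_network

# Constructed sample in the syslog format quoted above; hosts and addresses
# are documentation placeholders, not values from the thread.
SAMPLE_LOG = """\
Aug  9 12:47:19 l2 postfix/smtpd[12676]: connect from mx1.example.net[192.0.2.181]
Aug  9 12:47:24 l2 postfix/smtpd[12676]: disconnect from mx1.example.net[192.0.2.181]
Aug  9 12:47:26 l2 postfix/smtpd[12676]: connect from mx2.example.net[192.0.2.190]
Aug  9 12:47:31 l2 postfix/smtpd[12680]: connect from mx3.example.net[192.0.2.182]
Aug  9 12:47:40 l2 postfix/smtpd[12676]: connect from mx4.example.net[192.0.2.185]
Aug  9 12:47:52 l2 postfix/smtpd[12680]: connect from mx5.example.net[192.0.2.188]
Aug  9 12:48:05 l2 postfix/smtpd[12676]: connect from mail.example.org[198.51.100.7]
"""

# Matches smtpd "connect from host[ip]" lines (IPv4 only); "disconnect from" is skipped.
CONNECT = re.compile(
    r"^(\w{3}\s+\d+ [\d:]{8}) \S+ postfix/smtpd\[\d+\]: connect from \S+\[([\d.]+)\]"
)

def noisy_networks(log_text, prefix=24, limit=3, window=timedelta(seconds=60), year=2007):
    """Return {network: peak connects inside any one window} where peak > limit."""
    seen = defaultdict(list)
    for line in log_text.splitlines():
        m = CONNECT.match(line)
        if not m:
            continue
        # Syslog timestamps carry no year, so the caller supplies one (assumption).
        when = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        seen[str(ip_network(f"{m.group(2)}/{prefix}", strict=False))].append(when)
    flagged = {}
    for net, times in seen.items():
        times.sort()
        start = peak = 0
        for end, t in enumerate(times):
            while t - times[start] > window:  # slide the window's left edge
                start += 1
            peak = max(peak, end - start + 1)
        if peak > limit:
            flagged[net] = peak
    return flagged

if __name__ == "__main__":
    print("per /24 :", noisy_networks(SAMPLE_LOG, prefix=24))
    print("per host:", noisy_networks(SAMPLE_LOG, prefix=32))
```

On the sample, the /24 view flags one network while the per-host view flags nothing, which is the gap a per-address limit leaves when senders rotate within a block.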