|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Noel Jones (njones
megan.vbhcs.org)
Date: Mon Mar 03 2008 - 07:53:44 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
ram wrote:
> On Mon, 2008-03-03 at 10:12 +0100, Ralf Hildebrandt wrote:
>> * ram <ramnetcore.co.in>:
>>> On my postfix 2.4.3 servers I maintain a list of users for most domains
>>> I accept mail for. So I am able to reject SMTP connections to incorrect
>>> ids right after RCPT-TO
>>>
>>> I would like to send a TEMPFAIL to all smtp clients who have been
>>> bombarding my servers with undeliverable mails ( atleast attempting to )
>>> in the last half hour
>>> That way I would be rejecting a lot of spams wth TEMPFAIL and by the
>>> time the ip is "released" it would have got listed in rbls
>>> (I believe yahoo does something similar too. )
>> Use fail2ban
>>
>
>
> Ok fail2ban from the site seems to be a generic ip listing software
> parsing lines from the logs
Right.
>
> I was thinking if there was something like anvil & message_rate_limit
> that would be far more efficient and would have no time lag too
Depends on what you mean by efficient...
Using fail2ban, the offending client can't even connect to
your server during the banned period. This is extremely
efficient.
At any rate, anvil(8) doesn't maintain an error count, so
fail2ban or a similar log scraper is your only choice.
--
Noel Jones
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]