1 |
-----BEGIN PGP SIGNED MESSAGE----- |
2 |
Hash: SHA512 |
3 |
|
4 |
Randy Barlow wrote: |
5 |
> I am getting a huge number of connections to my mail server (postfix) |
6 |
> compared to usual. I've seen as many as 50 connections open at one |
7 |
> time. The logs show that the connections are from several computers of |
8 |
> varying IPs, and they are all trying to send mail to random mailboxes on |
9 |
> my domain. It's very annoying, and I have noticed that inbound mail |
10 |
> seems to be lagging by several hours. Is there something similar to |
11 |
> denyhosts for spammers? Any other suggestions? |
12 |
|
13 |
Check those IPs against: www.robtex.com/rbl |
14 |
Choose your favorite blacklists (test them, some of them provide too many false positives) and |
15 |
implement with them DNSBL/RBL in your postfix. Also, SPF and greylisting make a good job. |
16 |
|
17 |
Additionally, I recall a Netfilter/iptables module that does dnsbl, too, but... I'd not recommend it. |
18 |
|
19 |
- -- |
20 |
Arturo "Buanzo" Busleiman - Consultor Independiente en Seguridad Informatica |
21 |
Apoye la Musica Libre - Vote Futurabanda desde: (ver sgte. linea) |
22 |
http://www.frecuenciazero.com.ar/realityrock/votar.htm |
23 |
-----BEGIN PGP SIGNATURE----- |
24 |
Version: GnuPG v1.4.6 (GNU/Linux) |
25 |
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org |
26 |
|
27 |
iD8DBQFHT+R1AlpOsGhXcE0RClWcAJ9FgejSCEeQCTKtIJauIwnGueXQLACdHUZA |
28 |
5Bf6bMBYal6+LN2rPyJnakY= |
29 |
=Tqvc |
30 |
-----END PGP SIGNATURE----- |
31 |
-- |
32 |
gentoo-server@g.o mailing list |