Postfix Sluggish
David-Paul Niner
dpniner at dpniner.net
Fri Nov 4 17:56:38 UTC 2005
Ki Song wrote:
[snip]
>>You don't. You firewall off the server that's doing the dictionary
>>attack and then your mail server will never see the connections from it,
>>hence no logging.
>
>
> Isn't that just putting a "bandaid" on the problem ... I mean, isn't the
> list of ip addresses that i firewall off eventually going to be too big to
> manage?
>
> If the above isn't true, is there a central location that people can get a
> hold of that has a list of "bad ip" addresses? Similar to Spamassassin's
> list?
>
>
>>Paul.
>>
>>--
>>fedora-list mailing list
>>fedora-list at redhat.com
>>To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
>
>
In my personal experience, dictionary attacks tend to be (relatively)
short lived, as the script that generate the messages must have a fairly
low time-out.
Odds are good that the MTA that's trying to connect to your machine is
not a host with a proper MX record, and if it is, it's probably not
configured correctly. You could probably stop postfix from even
accepting connections from it by implementing the recommendations
described here:
http://www.postfix.org/uce.html
You could also dive into header_checks as well.
One positive aspect of implementingthese suggestions is that over time
you should see less and less spam, as your domain gradually falls off
the "known good" lists.
Best o' luck!
DP
--
David-Paul Niner, RHCE
Orange Park, Florida, United States
GPG Key ID: 0x106B54E3
More information about the fedora-list
mailing list