[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Flood blocking



Bruno Wolff III wrote:
That depends on what mailing lists you are on. Some can send a lot of email.
I don't think you are going to find much antispam success trying to block
this way.
The few lists we're subscribed to, I don't see this happening. Even with Fedora's list, I don't see a lot of hits in a short amount of time. I *think* it'll be fine, but then again I won't know till something get implemented. And even if it's a temporary block, say lasting 5 minutes, that shouldn't adversely affect mailing lists, I don't think.

 Spammers are going to send stuff to your box from lots of IP
addresses. If you try to block these which iptables it could potentially
have negative affects on your machines ability to process packets because
of the large number of rules.
True, however again, keep in mind that these are temporary blocks, not permanent. 5 minutes at the most. Usually that's enough to cause the spammer to go look for another target.

If you are running an authenticated ftp server, then it's reasonable to
do this.
Yup, I do. And right now the machines get affected more by the flood of attacks than the actual iptables blocking. I'd rather remove all the permanent blocks from iptables, and setup a temporary thing. Hit me 3 times in 10 seconds, you're blocked for 5 minutes type of thing.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]