[OT] HELP!!! mail attack
Nataraj
incoming-fedora-list at rjl.com
Wed Mar 26 17:16:48 UTC 2008
On Wed, 2008-03-26 at 11:14 -0400, Rodolfo Alcazar Portillo wrote:
> Am Mittwoch, den 26.03.2008, 23:59 +0900 schrieb John Summerfield:
> > I use postfix; I can do this:
> > [root at mail.js.id.au sysconfig]# tail /etc/postfix/header_checks
> > /^Received.*UNITED.CO.UK/ REJECT No thanks
> > /^Received.*HAPPYGROUP.CO.UK/ REJECT No thanks
> > /^Received:.*ceres.concept.net.nz/ REJECT Bloody twits
> > /^Received:.*dizinc.com/ REJECT No thanks
> > /CentOS-announce Digest/ REJECT I don't want these
> > /yourshopineu/ REJECT Bloody spammer
>
> Ok, the problem is that the content is really random... I tried to found
> common words:
Postfix has extensive features for dealing with these types of mail
attacks including all kinds of rate limiting for number of connections
from servers, blocking connections from servers with improper dns
entries, calling various hooks to other spam control mechanisms. If a
server connects and trys to send mail to non-existant users or other
failure, this counts as an error. You can rate limit the number of
errors allowed from a particular server attempting delivery, then
postfix will just refuse connections from the server after the limit is
exceeded. It is very efficient and deals exceptionally well with mail
attacks. I suggest you check out http://www.postfix.org
Nataraj
>
> http://www.padep.org.bo/log20080325/log/words4-sort_-_n
>
> thanks, anyway...
> --
> Rodolfo Alcazar
> Responsable red y datos
>
> Deutsche Gesellschaft für
> Technische Zusammenarbeit (GTZ) GmbH
>
> Programa de Apoyo a la Gestión Pública Descentralizada y
> Lucha Contra La Pobreza - PADEP
> Av. Sánchez Lima 2226
> La Paz, Bolivia
>
> Tel: +591 22417628 (121)
> Fax: +591 22417628 (126)
> Web: www.padep.org.bo
> Email: rodolfo.alcazar at padep.org.bo
>
More information about the users
mailing list