Re: Postfix Sluggish

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Ki Song wrote:

[snip]

>>You don't. You firewall off the server that's doing the dictionary
>>attack and then your mail server will never see the connections from it,
>>hence no logging.
> 
> 
> Isn't that just putting a "bandaid" on the problem ... I mean, isn't the
> list of ip addresses that i firewall off eventually going to be too big to
> manage?
> 
> If the above isn't true, is there a central location that people can get a
> hold of that has a list of "bad ip" addresses? Similar to Spamassassin's
> list?
> 
> 
>>Paul.
>>
>>-- 
>>fedora-list mailing list
>>fedora-list@xxxxxxxxxx
>>To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
> 
> 

In my personal experience, dictionary attacks tend to be (relatively)
short lived, as the script that generate the messages must have a fairly
low time-out.

Odds are good that the MTA that's trying to connect to your machine is
not a host with a proper MX record, and if it is, it's probably not
configured correctly.   You could probably stop postfix from even
accepting connections from it by implementing the recommendations
described here:

http://www.postfix.org/uce.html

You could also dive into header_checks as well.

One positive aspect of implementingthese suggestions is that over time
you should see less and less spam, as your domain gradually falls off
the "known good" lists.

Best o' luck!

DP

-- 
David-Paul Niner, RHCE
Orange Park, Florida, United States
GPG Key ID: 0x106B54E3


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux