-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Michelle Konzack wrote: | Hello, | | I am running a 3.5 MBit SDSL from <http://www.nerim.net/> and have a | @home Mailserver which is currently (since 2007-12-17) hit by daily | several 100.000 spams (2-5 times 30-120 minutes) from over 2000 | different IP's. | | My mailserver is rejecing thios shit nearly perfect but the server | has a System- and CPU-load of nearly 100% which make the IMAP server | unusable and since the sevrer does automated mailprocessing (40.000 | per day) I hit a real problem. | | Now, since most senders (over 90%) have wrong reverse DNS I like to | know, whether there is a possibility to block such connections on | the router with iptables and helpers?
You probably don't want to load your router/firewall with reverse DNS lookups on every packet. You can configure most modern mail clients to reject mail from senders with invalid reverse DNS, or failing that run a proxy front-end that will perform these checks. I find a combination of various RBL lists and some standard non-spammer tweaks (ie: drop early talkers, virus filtering, etc) keeps the inbound mail load under control enough I can run everything through the fairly CPU intensive spamassassin. We only get about 8-10K legit e-mails/day, however (many times that in spam), so YMMV. If you do have a list of IP addresses you want to blackhole, you might want to checkout packages like fail2ban: ~ http://www.fail2ban.org/wiki/index.php/Main_Page ...this is setup to scan your logs for failed login attempts and block the IPs at the firewall, but the concept could easily be expanded to trigger on anything you'd like. There may be something already more specifically targeted towards e-mail, but I'm not familiar with it. - -- Charles Steinkuehler [EMAIL PROTECTED] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHhPgbLywbqEHdNFwRAnJUAKCpM9Mxh57pT/K6vgmJ6AE1JvKvFgCgjD31 oUGTlGbo+m/fZTl6ANu7bNo= =uL43 -----END PGP SIGNATURE----- ------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
