> Hi list > > Im with the next problem: I have and old server and Im in process to migrate to a better machine, but actually Im having spam attacks in the server than saturate it. For the age of the server and because in two weeks is replaced I can't install any program like spamity or similar to help to detect spam attacks, but I need to understand the mail.log to deduce the Ips where comes the attacks and stop it. Any people can help me what clues can help me to deduce this Ips?
There are a number of things you can do, including possibly using a better (or an additional) blacklist, rejecting incoming connections that have no reverse DNS entry, and on a more controversial, but very effective note, reject IP addresses that have a "dynamic looking" reverse DNS and rejecting messages that are for non-existent users. If you can you can post a few log entries for this spam, as well as the output from postconf -n, I'm sure you'll get a lot of good suggestions. Some well-chosen restrictions will let even a small machine handle a really significant volume of mail. The trick is to reject as much spam as possible during the initial SMTP connection. Terry -- CNY Support, LLC Web. Database. Business http://www.cnysupport.com
