While doing this w/ iptables is certainly doable, I'd like to see a simple
way of handling it with the toaster too. The patch would be nice (imho).
Philip Nix Guru wrote:
> Hi JP
> I was just thinking in a general setup.
> Not everyone knows how to set iptables.
> And I often see spammers connecting to some of my smtps with 30-40
> connections (at least trying ..) :)
> that would easily get your server down for your customers, the max
> concurrencyincoming wont allow any new connections
>
> I use that kind of template (you can easily add -s and -d to filter)
> iptables -I INETIN -p tcp --dport 25 -i eth1 -m state --state NEW -m
> recent --set
> iptables -I INETIN -p tcp --dport 25 -i eth1 -m state --state NEW -m
> recent --update --seconds 60 --hitcount 10 -j DROP
>
> QToaster should add either the option through tcp.smtp or some basic
> iptables rules
> it would help a few users I think. Too often you see 30-100 connections
> from the same source and that just blocks your server for your "real" users
>
> Just an idea :)
> Jean-Paul van de Plasse wrote:
>> Hi Philip,
>>
>> Just curious but what good does it do when you can allready do this
>> with iptables?
>> When I changed ucspi-tcp-toaster last week I figured they were not
>> very usefull..
>>
>> Regards,
>>
>> JP
>>
>> ----- Original Message ----- From: "Philip Nix Guru" <[EMAIL PROTECTED]>
>> To: <qmailtoaster-list@qmailtoaster.com>
>> Sent: Wednesday, January 17, 2007 10:24 PM
>> Subject: [qmailtoaster] tcpserver-limits-patch
>>
>>
>>> Hello EE
>>> would it be possible to integrate the tcpserver-limits-patch into the
>>> ucspi-tcp-toaster ?
>>> It is pretty useful to have MAXLOAD MAXCONNIP MAXCONNC & DIEMSG in
>>> the tcp.smtp cdb file
>>>
>>> I am already doing that trough my iptables setup but it could be useful
>>> Thx
>>> -Philip
>>>
--
-Eric 'shubes'
---------------------------------------------------------------------
QmailToaster hosted by: VR Hosted <http://www.vr.org>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
