the fail2ban rules create an iptables chain with a DROP like this: DROP all -- x.x.x.x 0.0.0.0/0
x.x.x.x stands for the IP-Adresse. The main problem was, that mostly qmail was very busy in accepting spammers and then spamdyke creating greylisting thousands of tries for certain, well know domains. This caused very much load on the server. Am 24.08.2010 um 00:20 schrieb Anthony Ercolano: > Boris give a nice jail definition for spamdyke. > > He references the following article: > http://notes.benv.junerules.com/all/software/qmail-spamdyke-and-fail2ban/ > > On reading the article, Benv reports that he had a currently banned count of > 1987. > Perhaps I have a misunderstanding of how fail2ban works. But, what I think > this means is that 1987 separate iptable rules have been added. One for each > offending ip address. I also think as it's currently set up, EVERY packet, > regardless of type, protocol, or port, that comes into your mailserver will > be checked against this ever growing list of ip address. I would think that > if your mail server is also being used as your name, web, and/or ntp server > then each one of those services will be unnecessarily slowed down buy this > check. > > I'm wondering if the action to be used here would be iptables[name=SPAM > protocol=TCP port=25] > > Thoughts? > > Tony > > >Message: 5 > >Date: Mon, 23 Aug 2010 14:25:33 +0200 > >From: Boris Hinzer <b.hin...@web-vision.de> > >Subject: Re: [spamdyke-users] Does one blacklisted address kill the > > delivery? > >To: spamdyke users <spamdyke-users@spamdyke.org> > >Message-ID: <dcaf0e43-24b7-4265-873f-3be2e9491...@web-vision.de> > >Content-Type: text/plain; charset=us-ascii > > > >Here goes my /etc/fail2ban/jail.local : > > _______________________________________________ > spamdyke-users mailing list > spamdyke-users@spamdyke.org > http://www.spamdyke.org/mailman/listinfo/spamdyke-users
_______________________________________________ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
