> On 17 March 2015, at 10:14, Dave Horsfall <d...@horsfall.org> wrote:
>
> FreeBSD 9.3-RELEASE-p5 (GENERIC) #0: Mon Nov 3 22:02:57 UTC 2014
>
> fxp0: <Intel 82801DB (ICH4) Pro/100 VM Ethernet> (on board)
>
> I'm having trouble with getting rate limiting to work i.e. so many
> connections from the same source in so many seconds (what we in the
> anti-spam community call "woodpeckers").
>
> Does it actually work on FreeBSD 9? I know that PF doesn't work at all on
> FreeBSD 8 (at least, with the NIC above), and if it does indeed work then
> what would be a good starting point?
>
> Note that a complicating factor is that I have configured a "greet pause"
> of 10 seconds i.e. after the connection I wait for that long before
> issuing the SMTP greeting (and woe betide you if you don't wait in turn).
>
> And before anyone asks me why aren't I running 10.x, I will as soon as my
> new server arrives; the current box is going to fail soon (the
> electrolytic capacitors are starting to bulge) so it's not worth the
> hassle. And anyway, I've screwed up the ports area Yet Again from a
> failure to read simple instructions :-(

You might want to provide some details on which approach to rate limiting you are using. There are at least two that I am aware of.

Also, are you sure that you are having a large number of connections from each IP, or are they using one connection and trying many different ids and passwords? I see lots of the latter on several mail servers I run. I don’t recall seeing one IP making many connection attempts. Rate limiting won’t help if they are using one connection.