I'm not sure if you can on your hardware, but some of my most
effective countermeasures are ehlo/helo checking for hostname does not
contain a ".". This can cause a very small amount of false positives
so please do check your logs first.
Second is greylisting.
Third is checking if the ehlo/helo ip is in my range of ip's.
Sorry about the top post, I'm on a mobile that does not give a lot of
flexibility in that regard.
--
Scott
Iphone says hello.
On Apr 26, 2009, at 3:19 PM, deconya <[email protected]> wrote:
Hi list
Im with the next problem: I have and old server and Im in process to
migrate to a better machine, but actually Im having spam attacks in
the server than saturate it. For the age of the server and because
in two weeks is replaced I can't install any program like spamity or
similar to help to detect spam attacks, but I need to understand the
mail.log to deduce the Ips where comes the attacks and stop it. Any
people can help me what clues can help me to deduce this Ips?
Actually Im using blacklists but nots detects this attacks. Any
other option to create estadistics using external programs?
Thanks && Best regards
