On 10/26/2012 6:16 PM, John Baker wrote:
> hi,
>
> I just wondered if anyone can give me any suggestions on how to improve
> this situation. I have been getting slammed by a botnet mostly for
> accounts that don't actually exist since late morning. Almost all the
> messages are being rejected by postfix or greylisting but at the same time
> it's resulted in hundreds of Temporary lookup failures. I use ldap lookups
> in virtual_alias_maps to do some mail routing. As best I can tell my
> ldap servers can't move fast enough for the volume so I end up with a bunch
> of error messages like this coming to postmaster:
>
> Out: 250 2.1.0 Ok
> In: RCPT TO:<+._-gmatto...@marlboro.edu>
> Out: 451 4.3.0 <+._-gmatto...@marlboro.edu>: Temporary lookup failure
> In: RSET
> Out: 250 2.0.0 Ok
> In: MAIL FROM:<> SIZE=7377
> Out: 250 2.1.0 Ok
> In: RCPT TO:<+._-gmatto...@marlboro.edu>
> Out: 450 4.7.1 <+._-gmatto...@marlboro.edu>: Recipient address rejected:
> Policy Rejection- Abuse. Go away.
> In: RSET
> Out: 250 2.0.0 Ok
> In: MAIL FROM:<> SIZE=7380
> Out: 250 2.1.0 Ok
> In: RCPT TO:<+._-gmatto...@marlboro.edu>
> Out: 450 4.7.1 <+._-gmatto...@marlboro.edu>: Recipient address rejected:
> Policy Rejection- Abuse. Go away.
> In: QUIT
> Out: 221 2.0.0 Bye
>
> I'm also getting a bunch that just time out and have to resend.
>
> Is there anything I can do to alleviate the load on my ldap server?
> It's coming from so many IPs it's not going to do any good to just start
> firewalling.

Configure Postscreen

http://www.postfix.org/postscreen.8.html

It drops bots before user lookup. Very effective. Requires Postfix 2.8 or later.

--
Stan
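A minimal postscreen setup of the kind recommended above, added here as an example and not taken from either poster's configuration. The file paths, the DNSBL (zen.spamhaus.org) and the threshold of 2 are assumptions to adapt to the site.

```conf
# --- /etc/postfix/master.cf (path is an assumption) ---
# Comment out the stock "smtp inet ... smtpd" line for port 25 and use
# these four services instead. postscreen then answers every new
# connection itself and passes only clients that survive its tests
# to a real smtpd process.
smtp      inet  n       -       n       -       1       postscreen
smtpd     pass  -       -       n       -       -       smtpd
dnsblog   unix  -       -       n       -       0       dnsblog
tlsproxy  unix  -       -       n       -       0       tlsproxy

# --- /etc/postfix/main.cf (path is an assumption) ---
# Clients in mynetworks skip all postscreen tests.
postscreen_access_list = permit_mynetworks

# Pregreet test: a client that talks before the server's greeting has
# finished is treated as a bot. "enforce" lets the session continue
# inside postscreen's built-in dummy SMTP engine, logs the
# helo/sender/recipient, and rejects delivery with 550. No smtpd
# process is started, so virtual_alias_maps (the LDAP lookup) is
# never consulted for these clients.
postscreen_greet_action = enforce

# DNSBL scoring: each listed site adds its weight to the client's
# score; a score at or above the threshold fails the test.
# The list and weight below are an illustrative choice.
postscreen_dnsbl_sites = zen.spamhaus.org*2
postscreen_dnsbl_threshold = 2
postscreen_dnsbl_action = enforce
```

After `postfix reload`, the mail log shows `PREGREET` and `DNSBL rank` lines for clients that fail these tests, which gives a direct count of how many connections no longer reach smtpd and the LDAP servers.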