Hi All,
I have an attack on my mail system and the mail i got from mailer deamon
is (got 1000s of such mails)
----------------------------------
Transcript of session follows.
Out: 220 ml.w8timez.com ESMTP Postfix
In: HELO 54.183.212.207
Out: 250 ml.w8timez.com
In: MAIL FROM: <fmrjk...@yahoo.com.tw>
Out: 250 2.1.0 Ok
In: RCPT TO: <yuej...@yahoo.com.tw>
Out: 451 4.3.0 <yuej...@yahoo.com.tw>: Temporary lookup failure
Out: 421 4.7.0 ml.w8timez.com Error: too many errors
Session aborted, reason: too many errors
For other details, see the local mail logfile
----------------
I checked mailog and did not get much (like ip/port used etc). i have
25,465,587 outgoing open, i am going to close 25 outgoing.
Any specific suggestions to close such attack?
Regards
Jithesh
