Top posting, for the archives...
Problem probably solved. There has been a new spam backscatter
flood, and this time it had no impact on my server's network
connectivity. Spamd did just fine. It now runs with the
flags -B 300 -c 400 -S 30 -s 3 (among others) and they
brought down the network load
On Mon, Feb 11, 2008 at 11:33:47AM -0500, Calomel wrote:
> On Mon, Feb 11, 2008 at 11:17:35AM +0100, Raimo Niskanen wrote:
> >On Fri, Feb 08, 2008 at 11:20:31AM -0500, Calomel wrote:
> >> Raimo,
> >>
> >> Can you use the spamd.alloweddomains to whitelist email addresses and
> >> domains you accept
On Mon, Feb 11, 2008 at 11:17:35AM +0100, Raimo Niskanen wrote:
>On Fri, Feb 08, 2008 at 11:20:31AM -0500, Calomel wrote:
>> Raimo,
>>
>> Can you use the spamd.alloweddomains to whitelist email addresses and
>> domains you accept mail for? Any email sent to your mail server that is not
>> on the l
On Monday 11 February 2008, Raimo Niskanen wrote:
> 'Mail From: <>'
One of several that will put you on the http://rfc-ignorant.org/
blacklist.
--
Chris
On Fri, Feb 08, 2008 at 11:20:31AM -0500, Calomel wrote:
> Raimo,
>
> Can you use the spamd.alloweddomains to whitelist email addresses and
> domains you accept mail for? Any email sent to your mail server that is not
> on the list will only goto spamd and never get the chance to be
> greylisted/w
On Fri, Feb 08, 2008 at 11:19:06AM -0500, Dave Anderson wrote:
> On Fri, 8 Feb 2008, Raimo Niskanen wrote:
>
> >Now I am trying to improve the Greyscanner. I noticed it did not
> >trap hosts using an empty envelope sender, unless there were
> >more than one entry from that host. I regarded it as a
On 08/02/2008, Raimo Niskanen <[EMAIL PROTECTED]> wrote:
> Can spamd do anything about zombie hosts? They behave like
> normal MTAs so they will pass spamd's behavioural tests, right?
I don't think most zombies behave like ordinary hosts.
Well, it depends on what you mean by "zombie". If someone r
Raimo Niskanen <[EMAIL PROTECTED]> writes:
> What does "lsof -ni:spamd | wc -l" say during the peaks?
> On my machine spamd ran out of sockets (about 670).
Depending on the exact properties of the traffic you may get some
mileage out of using state tracking options to limit the number of
simultan
On Fri, 8 Feb 2008 15:36:01 +0100, Raimo Niskanen wrote:
>On Fri, Feb 08, 2008 at 10:08:19PM +1100, Rod Whitworth wrote:
>> On Fri, 8 Feb 2008 11:07:15 +0100, Raimo Niskanen wrote:
>>
>:
>:
>> >
>> >* To make the greylist herustics validate the hosts
>> >by reverse DNS PTR lookup and then forward
On Fri, 8 Feb 2008, Stuart Henderson wrote:
>On 2008/02/08 11:35, Dave Anderson wrote:
>> On Fri, 8 Feb 2008, Peter N. M. Hansteen wrote:
>>
>> >Raimo Niskanen <[EMAIL PROTECTED]> writes:
>> >
>> >> If a backscatter gets through to sendmail, and it is to an invalid
>> >> user, what is the proper t
On 2008/02/08 11:35, Dave Anderson wrote:
> On Fri, 8 Feb 2008, Peter N. M. Hansteen wrote:
>
> >Raimo Niskanen <[EMAIL PROTECTED]> writes:
> >
> >> If a backscatter gets through to sendmail, and it is to an invalid
> >> user, what is the proper thing for sendmail to do? My sendmail
> >> most prob
On Fri, 8 Feb 2008, Peter N. M. Hansteen wrote:
>Raimo Niskanen <[EMAIL PROTECTED]> writes:
>
>> If a backscatter gets through to sendmail, and it is to an invalid
>> user, what is the proper thing for sendmail to do? My sendmail
>> most probably does the default, which I guess is to bounce the ma
Raimo,
Can you use the spamd.alloweddomains to whitelist email addresses and
domains you accept mail for? Any email sent to your mail server that is not
on the list will only goto spamd and never get the chance to be
greylisted/whitelisted. Then you could write a simple script to look
through the
On Fri, 8 Feb 2008, Raimo Niskanen wrote:
>Now I am trying to improve the Greyscanner. I noticed it did not
>trap hosts using an empty envelope sender, unless there were
>more than one entry from that host. I regarded it as a bug
>and fixed it. I hope an empty envelope sender really
>is suspicious
Raimo Niskanen <[EMAIL PROTECTED]> writes:
> If a backscatter gets through to sendmail, and it is to an invalid
> user, what is the proper thing for sendmail to do? My sendmail
> most probably does the default, which I guess is to bounce the mail.
yes, if you receive a message intended for a non-
On Fri, Feb 08, 2008 at 10:08:19PM +1100, Rod Whitworth wrote:
> On Fri, 8 Feb 2008 11:07:15 +0100, Raimo Niskanen wrote:
>
:
:
> >
> >* To make the greylist herustics validate the hosts
> >by reverse DNS PTR lookup and then forward A lookup
> >is apparetly a debatable issue according to the
> >c
On Fri, Feb 08, 2008 at 12:33:47PM +0100, Peter N. M. Hansteen wrote:
> Raimo Niskanen <[EMAIL PROTECTED]> writes:
>
> > Apparently we (our mail server) got targeted by a zombie network
> > since suddenly there were some 3 hosts on spamd's whitelist,
> > continously some 600 connections to spa
Raimo Niskanen <[EMAIL PROTECTED]> writes:
> Apparently we (our mail server) got targeted by a zombie network
> since suddenly there were some 3 hosts on spamd's whitelist,
> continously some 600 connections to spamd, and only mails to
> unknown users coming in. The network connection was floo
On Fri, 8 Feb 2008 11:07:15 +0100, Raimo Niskanen wrote:
>Apparently we (our mail server) got targeted by a zombie network
>since suddenly there were some 3 hosts on spamd's whitelist,
>continously some 600 connections to spamd, and only mails to
>unknown users coming in. The network connectio
Apparently we (our mail server) got targeted by a zombie network
since suddenly there were some 3 hosts on spamd's whitelist,
continously some 600 connections to spamd, and only mails to
unknown users coming in. The network connection was flooded,
the web server sluggish, downloads creeped, bas
20 matches
Mail list logo
