On Wed, Feb 27, 2013 at 5:22 PM, Noel Jones wrote:
> On 2/27/2013 2:45 PM, francis picabia wrote:
>
> > Over 390 unique IPs simultaneously sent email at a gradual rate
> > using 3 sets of
> > compromised credentials.
>
> Use postfwd or similar policy service to rate-limit the total
> recipients p
On Wed, Feb 27, 2013 at 4:52 PM, Reindl Harald wrote:
>
>
> Am 27.02.2013 21:45, schrieb francis picabia:
> > I had a set of cascading iptables rules to rate limit new connections,
> > but they circumvented this as well. Based on the IP, there were 5
> connections
> > per minute and 15 connection
On 2/27/2013 2:45 PM, francis picabia wrote:
> Over 390 unique IPs simultaneously sent email at a gradual rate
> using 3 sets of
> compromised credentials.
Use postfwd or similar policy service to rate-limit the total
recipients per account over some period of time.
http://www.postfix.org/SMTPD_
Am 27.02.2013 21:45, schrieb francis picabia:
> I had a set of cascading iptables rules to rate limit new connections,
> but they circumvented this as well. Based on the IP, there were 5 connections
> per minute and 15 connections per 5 minutes. If those were exceeded, iptables
> would block th
On Wed, Feb 27, 2013 at 10:11 AM, francis picabia wrote:
> Hi,
>
> The number of phishing or otherwise compromised accounts is needing
> an automation to manage it. Last night the spammers waited until
> the evening and simultaneously used 3 compromised accounts to send
> spam over secure smtp.
On Wed, Feb 27, 2013 at 10:11:08AM -0400, francis picabia wrote:
> The number of phishing or otherwise compromised accounts is needing
> an automation to manage it. Last night the spammers waited until
> the evening and simultaneously used 3 compromised accounts to send
> spam over secure smtp.
Am 27.02.2013 15:11, schrieb francis picabia:
> The size of the message you are trying to send exceeds a temporary size
> limit of the server. The message was not sent; try to reduce the message size
> or wait some time and try again. The server responded: 4.5.3 Error: too many
> recipients.
>
On Wed, Feb 27, 2013 at 10:11:08AM -0400, francis picabia wrote:
> Hi,
>
> The number of phishing or otherwise compromised accounts is needing
> an automation to manage it. Last night the spammers waited until
> the evening and simultaneously used 3 compromised accounts to send
> spam over secure
Hi,
The number of phishing or otherwise compromised accounts is needing
an automation to manage it. Last night the spammers waited until
the evening and simultaneously used 3 compromised accounts to send
spam over secure smtp. A nagios alert on number of messages
in the queue was our only alarm,
