At 08:58 AM 7/9/2003 -0500, Mike Vanecek wrote:
I think I am under a DOS attack on port 25. I have received 2172 smtp packets
from the same location yesterday. Due to this activity I have set my firewall
to reject all incoming packets from Japan. I notified [EMAIL PROTECTED],
[EMAIL PROTECTED], and [EMAIL PROTECTED] of the problem.

That's not going to help much.


It sounds like the server in question has a large pile of spam or other messages to deliver. It's going to keep retrying for days until it either connects and delivers, or gets a rejection.

My suggestion would be to edit your sendmail access file to block the inbound messages from that server, and then let them bounce with a 550 error. This way the problem will go away quicker, and without much load on your SMTP server. Yes, you'll get connections, but they'll be rejected shortly after they are established. The mailserver won't retry any 5xx errored emails, but it will retry any time it can't connect.

For example, you could add this to /etc/mail/access:
61.121.253.8 550 Server blocked due to excessive mail delivery




_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
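
Added example, not part of the original message: a small script that tallies inbound messages per connecting IP from a sendmail log and prints access-file entries in the form suggested above. It assumes sendmail's usual syslog line format; the sample log lines, hostnames, the threshold and the function names are constructed for illustration, and only 61.121.253.8 comes from the post.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample in sendmail's syslog format; only 61.121.253.8 comes from the post.
SAMPLE_LOG = """\
Jul  8 10:00:01 mail sendmail[2101]: h68F01a1002101: from=<a@example.jp>, size=2210, class=0, nrcpts=1, proto=ESMTP, daemon=MTA, relay=mx.example.jp [61.121.253.8]
Jul  8 10:00:04 mail sendmail[2102]: h68F04a1002102: from=<b@example.jp>, size=1987, class=0, nrcpts=1, proto=ESMTP, daemon=MTA, relay=mx.example.jp [61.121.253.8]
Jul  8 10:00:09 mail sendmail[2103]: h68F09a1002103: from=<c@example.jp>, size=2050, class=0, nrcpts=1, proto=ESMTP, daemon=MTA, relay=[61.121.253.8]
Jul  8 10:01:30 mail sendmail[2110]: h68F1Ua1002110: from=<friend@example.org>, size=900, class=0, nrcpts=1, proto=ESMTP, daemon=MTA, relay=mail.example.org [192.0.2.10]
Jul  8 10:01:31 mail sendmail[2111]: h68F1Ua1002110: to=<mike@example.com>, delay=00:00:01, mailer=local, relay=local, stat=Sent
"""

# Inbound entries carry from=...; relay= is "name [ip]" or just "[ip]".
INBOUND = re.compile(r"sendmail\[\d+\]: \S+ from=.*\brelay=(?:\S+ )?\[([0-9.]+)\]")

def count_inbound_relays(log_text):
    """Count logged inbound messages per connecting IP address."""
    counts = Counter()
    for line in log_text.splitlines():
        m = INBOUND.search(line)
        if not m:
            continue  # outbound (to=) and unrelated lines are ignored
        try:
            ip = ipaddress.IPv4Address(m.group(1))
        except ValueError:
            continue  # malformed address: never write it into the access file
        counts[str(ip)] += 1
    return counts

def access_entries(counts, threshold, text="Server blocked due to excessive mail delivery"):
    """Return /etc/mail/access lines (key, tab, '550 text') for noisy relays."""
    return [f"{ip}\t550 {text}" for ip, n in counts.most_common() if n >= threshold]

if __name__ == "__main__":
    for entry in access_entries(count_inbound_relays(SAMPLE_LOG), threshold=3):
        print(entry)
```

On a typical sendmail installation the access map has to be rebuilt after the file is edited, for example with `makemap hash /etc/mail/access < /etc/mail/access`, before the new entry takes effect.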
