it's still a pain to block them at the gateway. i spent about 4 hours chucking in numbers into iptables and still they came in. i found out it was this stupid new remote access trojan that acts as spam relays. i turned on dnsbl.sorbs.net and havn't looked back since. had about a week where i watch mail being blocked and chucked about 6 australian isps into the /etc/mail/access file and nobody has complained since.... we can use our email link again for surfing again which we couldn't before. i had about 15-20 idiots sending me random email addresses at our domain. goodness knows what that proves, except perhaps to bounce back to someone else as spam.
goto www.sorbs.net - they are the business... -----Original Message----- From: Scott Harris [mailto:[EMAIL PROTECTED] Sent: Saturday, December 20, 2003 12:49 AM To: 'Scott Williams'; Spamassassin-List Subject: RE: [SAtalk] Spammer causing Denial Of Service > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On > Behalf Of Scott Williams > Sent: Thursday, December 18, 2003 11:10 PM > To: Scott Williams > Cc: Spamassassin-List > Subject: [SAtalk] Spammer causing Denial Of Service > > I was looking at the SA logs and noticed how a spammer would > open up multiple sessions all to one target address. He > opened 15 sessions in 10 seconds and proceded to hold them > for 5 minutes until I timed out on the connections. So for 5 > minutes my filter was essentially rendered useless since I > limit it to 15 simultaneous connections due to hardware limitations. > > Has anyone else seen this? What would be the best solution > to combat this? > > > I've seen this before. I'm not sure if it is malicious, or they are just trying 30 different email address all at the same time. I just block them at the router/gateway level on a per IP basis. Scott ------------------------------------------------------- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk ------------------------------------------------------- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
