Hi,
> > The incident make me thinking about a way to handle this kind of
> > problem, and seems to me that if I could limit the number of connections
> > from a single IP my server would not suffer this kind of DOS again.
> >
> > Tcpserver doesnt have this kind of control, right? it can only limit the
> > maximum number of connections, no matter from where they come. It there a
> > way to do that?
>
> tcpserver does not have support for limiting the number of connections
> per IP. You can use courier-imap's pop3d server with vpopmail, as
> couriertcpd DOES support this.
Oh yes... I knew it. I didnt yet discover why, but I have a issue with it and
vpopmail. Using courier, vpopmail could not fill correctly the relay table. I
guess that couriertcpd is not setting the env. variables that vpopmail need.
anyway, google helped me... There´s a patch to tcpserver that does what I
need. It adds limits to the number of connections from a single IP or from a
class C network! very nice... You can grab it here:
http://www.wolfermann.org/djbware.html
--
Christian Lyra
POP-PR - RNP
http://lyra.soueu.com.br
http://wecanstopspam.org
Thus spake the master programmer:
``When the program is being tested, it is too late to make design changes.''
The Tao Of Programing
