Re: postfix iptables spam detection
I think you can configure fail2ban to detect that kind of attacks.
It has the filter.d/*.conf files, where you can configure filters for
specific regex patterns. You can create your own as well, and then all you
need is to add your custom filter in jail.local (or jail.conf, but that is
Ps: sorry for the duplicate mail, have not cc-ed the list before.
On Wed, 26 Aug 2009 14:11:39 +0200, Wojciech Ziniewicz
> I'm looking for a tool similar to http://www.fail2ban.org/ but for
> SMTP protocol.
> I have mail server that filters unwanted traffic from spammers quite
> well, but some of my clients send tons of spam (of course they're
> normally authenticated and let through ) and after it's queued , my
> server starts dying because of several thousand emails in mail queue.
> I was wondering if there's any tool like fail2ban or policyd-weight
> that would ban or blacklist a message before it's queued on the basis
> of syslog stats (number of smtp connections per minute etc).
> Wojciech Ziniewicz