Re: postfix iptables spam detection

To: debian-isp@lists.debian.org
Subject: Re: postfix iptables spam detection
From: Héja Gábor <kakaopor@kakaopor.hu>
Date: Wed, 26 Aug 2009 15:13:04 +0200
Message-id: <[🔎] eed7726d040325e8e44487fdbac593df@localhost>
Reply-to: kakaopor@kakaopor.hu
In-reply-to: <[🔎] d1473ad90908260511m2b8a8baq9bdf8bbfa870e49f@mail.gmail.com>
References: <[🔎] d1473ad90908260511m2b8a8baq9bdf8bbfa870e49f@mail.gmail.com>

Hi,

I think you can configure fail2ban to detect that kind of attacks.

It has the filter.d/*.conf files, where you can configure filters for
specific regex patterns. You can create your own as well, and then all you
need is to add your custom filter in jail.local (or jail.conf, but that is
not advised).

Best regards,
 Gabor

Ps: sorry for the duplicate mail, have not cc-ed the list before.

On Wed, 26 Aug 2009 14:11:39 +0200, Wojciech Ziniewicz
<wojciech.ziniewicz@gmail.com> wrote:
> Hi,
> 
> I'm looking for a tool similar to http://www.fail2ban.org/ but for
> SMTP protocol.
> 
> I have mail server that filters unwanted traffic from spammers quite
> well, but some of my clients send tons of spam (of course they're
> normally authenticated and let through ) and after it's queued , my
> server starts dying because of several thousand emails in mail queue.
> 
> I was wondering if there's any tool like fail2ban or policyd-weight
> that would ban or blacklist a message before it's queued on the basis
> of syslog stats (number of smtp connections per minute etc).
> 
> 
> regards
> 
> -- 
> Wojciech Ziniewicz
> http://rfc.sunsite.dk/rfc/rfc2324.html
> 
> 
>

Reply to:

References:
- postfix iptables spam detection
  - From: Wojciech Ziniewicz <wojciech.ziniewicz@gmail.com>

Prev by Date: postfix iptables spam detection
Next by Date: Re: postfix iptables spam detection
Previous by thread: postfix iptables spam detection
Next by thread: Re: postfix iptables spam detection
Index(es):
- Date
- Thread