Getting pounded .. sigh

Sat May 27 16:40:09 IST 2006

> -----Original Message-----
> From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-
> bounces at lists.mailscanner.info] On Behalf Of Julian Field
> Sent: Monday, May 22, 2006 3:42 PM
> To: MailScanner discussion
> Subject: Re: Getting pounded .. sigh
> 
> Steve,
> 
> Please can you add this to the Wiki? It's a very useful little mine of
> information. Just the link and your contents list of it will do, with
> some links to the original.
> 
> Thanks!
> Jules.
> 
> Stephen Swaney wrote:
> > Stephen Swaney
> > Fort Systems Ltd.
> > stephen.swaney at fsl.com
> > www.fsl.com
> >
> >
> >> -----Original Message-----
> >> From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-
> >> bounces at lists.mailscanner.info] On Behalf Of Kevin Miller
> >> Sent: Monday, May 22, 2006 2:16 PM
> >> To: MailScanner discussion
> >> Subject: RE: Getting pounded .. sigh
> >>
> >> sandrews at andrewscompanies.com wrote:
> >>
> >>> I remember talk some time ago, not here, of a way to slow down the
> >>> sender by doing something with an ACK (really out of my pond here).
> >>> Anyone know what I might be thinking of?  If there's some way to hold
> >>> the connection to sender open, that would slow them down sending out
> >>> crap.
> >>>
> >> I thnk you're thinking of sendmail's greet pause feature.  Works great
> >> for "botted" home machines, but real MX hosts aren't tripped up by it.
> >> Another feature that may be of some help is the recipient throttle
> >> (assuming he's using sendmail - Postfix, etc. probably have something
> >> similar) but I'm not using it myself so don't know for sure...
> >>
> >>
> >>
> >> ...Kevin
> >> --
> >>
> >  If you're using sendmail 8.13 look at:
> >
> > 	http://www.technoids.org/dossed.html
> >
> > It's Contents
> >
> >     * 1. Limiting the Rate of Incoming Connections
> >           o 1.1. The ratecontrol Feature
> >           o 1.2. The Connection Rate Throttle
> >     * 2. Limiting Simultaneous Connections with the conncontrol Feature
> >     * 3. Thwarting Dictionary Attacks
> >           o 3.1. Limiting the Number of Recipients per Message
> >           o 3.2. Reacting to "Bad" Recipients
> >     * 4. Blocking Slammers with the greet_pause Feature
> >     * 5. Other Ways to Protect Your sendmail Server
> >     * 6. Afterword
> >
> >

I finally found a few minutes so this has been added to the Wiki:

http://wiki.mailscanner.info/doku.php?id=maq:index#sendmail_8.13_anti-spam_/
_denial_of_service_protection_features 

I've also added:

"How Split a Multiple Recipient Message in Single Messages" under:

http://wiki.mailscanner.info/doku.php?id=maq:index#misc._questions 

I've added the sendmail instructions. If anyone wants to add the Exim method
to split messages to multiple recipients into individual messages please
feel free :)

I don't believe there is yet a Postfix method that can do this efficiently
but please correct me if I am mistaken (and please add to the wiki :).

Steve

Stephen Swaney
Fort Systems Ltd.
stephen.swaney at fsl.com
www.fsl.com