[Mimedefang] Pounded by spam
Rich West
Rich.West at wesmo.com
Fri Oct 29 12:59:07 EDT 2004
>
>
>> While I know it can be easy to simply block the host, I was wondering
>> if there was some way to avoid the problem all together by
>> potentially identifying hosts attempting to overload the server
>> (Denial Of Service) by throttling down the amount of allowed inbound
>> connections (from external sources) from a single host.
>
>
> Yes. Sendmail >=8.13.0 has several nice options.
>
> FEATURE(`ratecontrol',`nodelay',`terminate')dnl
> FEATURE(`conncontrol')dnl
> define(`confCONNECTION_RATE_WINDOW_SIZE',`60')dnl
I was looking at those, in addition to the FEATURE(`greet_pause', <num>)..
The documentation on sendmail.org's site regarding greet_pause was just
a step above non-existent. I didn't check the others (ratecontrol and
conncontrol).. Looking in to them now.
>
> I am the SysAdmin for an ISP here in Billings. I am unafraid of using
> these controls and they have really helped our situation. I limit 25
> Connections/sec period. I also limit 3 connections from any one
> external host/min.
Just out of curiosity, how, exactly, are you limiting the connections
per second and connections from external hosts/domains?
> I occasionally get the "25" connections and deferring at that rate in
> my logs, but not enough to worry me and we handle ~200,000 emails a
> day. Adjust your connection/defer times accordingly to your normal load.
>
> Have fun and knock them dead at the gate.
Thanks!
-Rich
More information about the MIMEDefang
mailing list