Off-Topic: Re: [Mimedefang] Re: DoS Question - Sendmail 8.13 hints
Kevin A. McGrail
kmcgrail at pccc.com
Mon Aug 29 11:20:00 EDT 2005
Jim:
I seriously don't remember but we have had excellent luck using:
Bad Rcpt throttle daemon to block IPs performing dictionary attacks for
short periods of time
8.13 sendmail.mc features like:
FEATURE(`delay_checks')
FEATURE(`greet_pause', `1250') dnl 5 seconds
FEATURE(`ratecontrol', `nodelay', `terminate')
FEATURE(`conncontrol', `nodelay', `terminate')
and access file changes:
ClientConn: 5
ClientRate: 10
We also use these configuration settings to disable identd and to try and
lower the number of connections that are just trapped in a wait status:
define(`confTO_IDENT', `0s')dnl
define(`confTO_DATAINIT',`2m')dnl
define(`confTO_ICONNECT',`5s')dnl
define(`confTO_MAIL',`2m')dnl
Regards,
KAM
> Did you ever figure out the sendmail DOS problem? We are getting it
> bad on our server!
More information about the MIMEDefang
mailing list