Re: [swinog] smtp attacks

2006-11-27 Diskussionsfäden Daniel Lorch
Hi The problem was made worse by the fact that we had left the response code for a reject due to unknown recipient as 4xx, so naturally one of these emails resulted in many connection attempts if they came from a real mail server (as opposed to a zombie). At one point we were up to 500

Re: [swinog] smtp attacks

2006-11-27 Diskussionsfäden Daniel Kamm
On Mon, 2006-11-27 at 17:58 +0100, Rene Luria wrote: It is due to bounces coming from everywhere. Spamers using fake email addresses from domains for which we are the MX. The amount of such emails (which we almost all reject, user unknown, etc.. because of the fake email addresses) is

Re: [swinog] smtp attacks

2006-11-27 Diskussionsfäden Michael Naef
On Monday 27 November 2006 20:43, Daniel Kamm wrote: Graylisting possibly helps as well. Graylsiting screws up the system E-Mail and doesn't help if the other end is a regular mailserver (cracked useraccount...). I think the only long-term reliable means to the solution of this problem

Re: [swinog] smtp attacks

2006-11-27 Diskussionsfäden Matthias Hertzog
Yes, same here. We had to blacklist several domains to keep our inbound clean. Matthias Hertzog _ mhs @ internet AG Zürcherstrasse 204, CH - 9014 St. Gallen Phone +41 71 274 93 93, Fax +41 71 274 93 94 http://www.mhs.ch

Re: [swinog] smtp attacks

2006-11-27 Diskussionsfäden Daniele Guazzoni
Uhm, my private detected spam count is still average: 150 spam/24h which means 87% of total mails received. Also nothing special here. This is not spam. To unsubscribe to this mail please reply with the words shut up in the subject, directly to me :-) Daniele Matthias Hertzog wrote: Yes,