I recently banned all of China from smtp_auth on my server.. No complaints from legitimate customers so far -- China ranges are available on the net. fail2ban is great, use that too.. Perhaps connections-per-source limiting from xinetd is also a good idea.. Good luck.. -t
On 09/02/2012 01:39 AM, Marcin Orlowski wrote: > J.R. Lillard wrote on 2012-09-02 00:30: >> Iptables was my first thought but half a million ips seemed like too >> much for it. How many rules have you had with your script? > IPs are part of classes. If you i.e. got no legit users from certain > class, nor your logs do not show any legit mails comming from certain > class, ban whole class C and even B and further when needed. Let users > know you are fighting DDOS, so they will be aware of some sacrifices. > > Regards, _______________________________________________ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users