-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 "Leigh S. Jones, KR6X" <[EMAIL PROTECTED]> wrote on 2008-Feb-04: > In the past 24 hours the heavy stream of "LOGIN > FAILED" log entries (since I began using the technique) has been cut to > zero.
Just to add one more option to the mix while we're at it. If you are running on linux, you can use iptables to ban ip addresses that make too make connections over a certain period of time. iptables -A INPUT -p tcp --dport pop3 -i eth0 -m state \ --state NEW -m recent --set iptables -A INPUT -p tcp --dport pop3 -i eth0 -m state \ --state NEW -m recent --update --seconds 60 --hitcount 6 -j DROP This watches the pop3 port and if there are more than 6 connections from any particular ip address in 60 seconds, it starts dropping new connections. It will keep dropping them until the host has gone 60 seconds without making a connection. You'd have to play with the numbers to determine what works well for you, of course. I like it because I don't have to maintain it. It maintains itself, at the cost of accepting the first 6 (bad) connections before it starts dropping. Seems like you've got a system that's working for you, so consider this merely your "free gift with purchase". ;-) Jeff Jansen -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHpxwYGfIHDMaiC9cRAmPGAJ91tNyOiWwSJxMd7qOUwhEWc38lUgCfQhOK KBxJZdxJSMO6pgjqKw+bDTE= =6qb3 -----END PGP SIGNATURE----- ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
