Fernando Gleiser wrote: > It worked flawlessly until the last version of sober hit it a couple of > days ago. Since then that piece of cr*p is hitting it with bursts > where the server gets 60+ mails in less than 10seconds, so MD runs out > of slaves.
You might want to set the ConnectionRateThrottle parameter in Sendmail (confCONNECTION_RATE_THROTTLE in sendmail.mc) quite low, like to around 3. That delays connections if more than 3/second come in. While it still doesn't really prevent the DoS, it can smooth the load on the machine. Or you can use Sendmail 8.13's more fine-grained rate_control features so that any one IP address can't open too many connections too quickly. But your solution of blocking offending IPs in access.db is probably a good one for now. Regards, David. _______________________________________________ Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
