On Wed, Dec 30, 2015 at 10:45 AM, theresa mic-snare <[email protected]> wrote: > Hi guys, > > sorry it's me again. Recently I've found myself flooded with one specific > type of request. It seems automated because it happens hourly. Today I've > had 16 of those so far: > postfix/smtpd[30215]: warning: 104.167.104.13: hostname Tor-Private.ru > verification failed: Name or service not known > > it started a few days ago.... > > It's classified as a Level 2 alert as "Unknown problem somewhere in the > system." > and it origins from the postfix log /var/log/maillog > > here's my two questions: > > is there anything I could do to make it stop? I have already created an > iptables rule but it seems to go on.... (DROP all -- Tor-Private.ru > anywhere ) > I would like to create a rule for it in the postfix_rules, so that it > doesn't say "Unknown problem somewhere in the system." ... > > what would be an ideal fit? "attempted mail relay abuse" or something like > that? >
I'd probably make it "address verification failed" or something like that. > what do you think? > > > best, > > theresa > > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
