mouss wrote:
and if the probes use multiple TCP connections (if the pop server
disconnects after a failure), then he can use rate limiting in his
packet filter if supported ("recent" in iptables, "overload" in pf).
here is an example using iptables recent module: http://lists.opensuse.org/opensuse-security/2006-11/msg00025.html Just change the port and the rate limit for your needs. Check that your ipt_recent netfilter module is recent enough
