Hi,
On Sat, Jul 23, 2011 at 7:35 PM, Jake Vickers <[email protected]> wrote:
>
> If you want a hammer, you can iptables it - here's one I use on some server
> to prevent hammering on port 25:
> -A INPUT -i eth0 -p tcp -m tcp --dport 25 -m state --state NEW -m recent
> --update --seconds 60 --hitcount 10 --name DEFAULT --rsource -j DROP
> -A INPUT -i eth0 -p tcp -m tcp --dport 25 -m state --state NEW -m recent
> --set --name DEFAULT --rsource
>
> So the above blocks any IP trying more than 10 connections in 60 seconds on
> port 25.
That's valuable information, thanks!
For how long will that blocking be active -- until iptables is restarted?
And to clarify: if a person sends a message to 20 recipients on your
server -- this is counted as 1 connection or as 20? I'm just wondering
what a reasonable connection limit should be for an "average" mail
server...
Best,
Peter
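
An added illustration, not part of the original messages: a simplified Python model of the two quoted rules, replaying constructed connection times from one source to show when the DROP rule starts and stops matching. It assumes xt_recent's documented behaviour (a matching --update refreshes the last-seen time, 20 remembered timestamps per address by default); the class, function names and the 192.0.2.10 address are made up for the example.

```python
from collections import defaultdict, deque

SECONDS, HITCOUNT = 60, 10   # values taken from the quoted rules
PKT_LIST_TOT = 20            # assumed xt_recent default (ip_pkt_list_tot)


class RecentList:
    """Simplified model of one xt_recent list keyed by source address."""

    def __init__(self):
        self.stamps = defaultdict(lambda: deque(maxlen=PKT_LIST_TOT))

    def new_connection(self, src, now):
        """Evaluate both rules for one NEW connection (the first packet).

        --state NEW sees a TCP connection once, so one SMTP session adds a
        single timestamp however many recipients the message has.
        """
        seen = self.stamps[src]
        hits = sum(1 for t in seen if now - t <= SECONDS)
        # Rule 1: --update --seconds 60 --hitcount 10 -j DROP
        if hits >= HITCOUNT:
            seen.append(now)  # a matching --update refreshes the entry
            return "DROP"
        # Rule 2: --set records the attempt; the packet continues down the chain
        seen.append(now)
        return "CONTINUE"


def replay(times, src="192.0.2.10"):
    """Feed constructed connection times (in seconds) from one source."""
    recent = RecentList()
    return [recent.new_connection(src, t) for t in times]


if __name__ == "__main__":
    # Constructed inputs: a burst, a client that keeps retrying, one that backs off.
    print("burst:   ", replay(range(12)))
    print("retrying:", replay(range(0, 200, 5))[8:14], "...")
    print("backoff: ", replay(list(range(11)) + [100])[-2:])
```

In this model the drop is not a fixed-length ban: it holds for as long as at least 10 recorded attempts fall inside the last 60 seconds, and dropped attempts are themselves recorded.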