Top posting, for the archives...
Problem probably solved. There has been a new spam backscatter
flood, and this time it had no impact on my server's network
connectivity. Spamd did just fine. It now runs with the
flags -B 300 -c 400 -S 30 -s 3 (among others) and they
brought down the network load
On Mon, Feb 11, 2008 at 11:17:35AM +0100, Raimo Niskanen wrote:
On Fri, Feb 08, 2008 at 11:20:31AM -0500, Calomel wrote:
Raimo,
Can you use the spamd.alloweddomains to whitelist email addresses and
domains you accept mail for? Any email sent to your mail server that is not
on the list will
On Monday 11 February 2008, Raimo Niskanen wrote:
'Mail From: '
One of several that will put you on the http://rfc-ignorant.org/
blacklist.
--
Chris
On Fri, Feb 08, 2008 at 11:20:31AM -0500, Calomel wrote:
Raimo,
Can you use the spamd.alloweddomains to whitelist email addresses and
domains you accept mail for? Any email sent to your mail server that is not
on the list will only goto spamd and never get the chance to be
On Fri, Feb 08, 2008 at 11:19:06AM -0500, Dave Anderson wrote:
On Fri, 8 Feb 2008, Raimo Niskanen wrote:
Now I am trying to improve the Greyscanner. I noticed it did not
trap hosts using an empty envelope sender, unless there were
more than one entry from that host. I regarded it as a bug
Raimo Niskanen [EMAIL PROTECTED] writes:
What does lsof -ni:spamd | wc -l say during the peaks?
On my machine spamd ran out of sockets (about 670).
Depending on the exact properties of the traffic you may get some
mileage out of using state tracking options to limit the number of
simultaneous
On 08/02/2008, Raimo Niskanen [EMAIL PROTECTED] wrote:
Can spamd do anything about zombie hosts? They behave like
normal MTAs so they will pass spamd's behavioural tests, right?
I don't think most zombies behave like ordinary hosts.
Well, it depends on what you mean by zombie. If someone runs
On Fri, 8 Feb 2008 11:07:15 +0100, Raimo Niskanen wrote:
Apparently we (our mail server) got targeted by a zombie network
since suddenly there were some 3 hosts on spamd's whitelist,
continously some 600 connections to spamd, and only mails to
unknown users coming in. The network connection
Apparently we (our mail server) got targeted by a zombie network
since suddenly there were some 3 hosts on spamd's whitelist,
continously some 600 connections to spamd, and only mails to
unknown users coming in. The network connection was flooded,
the web server sluggish, downloads creeped,
On Fri, Feb 08, 2008 at 10:08:19PM +1100, Rod Whitworth wrote:
On Fri, 8 Feb 2008 11:07:15 +0100, Raimo Niskanen wrote:
:
:
* To make the greylist herustics validate the hosts
by reverse DNS PTR lookup and then forward A lookup
is apparetly a debatable issue according to the
current
On Fri, Feb 08, 2008 at 12:33:47PM +0100, Peter N. M. Hansteen wrote:
Raimo Niskanen [EMAIL PROTECTED] writes:
Apparently we (our mail server) got targeted by a zombie network
since suddenly there were some 3 hosts on spamd's whitelist,
continously some 600 connections to spamd, and
On Fri, 8 Feb 2008, Raimo Niskanen wrote:
Now I am trying to improve the Greyscanner. I noticed it did not
trap hosts using an empty envelope sender, unless there were
more than one entry from that host. I regarded it as a bug
and fixed it. I hope an empty envelope sender really
is suspicious or
Raimo,
Can you use the spamd.alloweddomains to whitelist email addresses and
domains you accept mail for? Any email sent to your mail server that is not
on the list will only goto spamd and never get the chance to be
greylisted/whitelisted. Then you could write a simple script to look
through the
On Fri, 8 Feb 2008, Peter N. M. Hansteen wrote:
Raimo Niskanen [EMAIL PROTECTED] writes:
If a backscatter gets through to sendmail, and it is to an invalid
user, what is the proper thing for sendmail to do? My sendmail
most probably does the default, which I guess is to bounce the mail.
yes,
Raimo Niskanen [EMAIL PROTECTED] writes:
If a backscatter gets through to sendmail, and it is to an invalid
user, what is the proper thing for sendmail to do? My sendmail
most probably does the default, which I guess is to bounce the mail.
yes, if you receive a message intended for a
Raimo Niskanen [EMAIL PROTECTED] writes:
Apparently we (our mail server) got targeted by a zombie network
since suddenly there were some 3 hosts on spamd's whitelist,
continously some 600 connections to spamd, and only mails to
unknown users coming in. The network connection was flooded,
On Fri, 8 Feb 2008, Stuart Henderson wrote:
On 2008/02/08 11:35, Dave Anderson wrote:
On Fri, 8 Feb 2008, Peter N. M. Hansteen wrote:
Raimo Niskanen [EMAIL PROTECTED] writes:
If a backscatter gets through to sendmail, and it is to an invalid
user, what is the proper thing for sendmail to
On 2008/02/08 11:35, Dave Anderson wrote:
On Fri, 8 Feb 2008, Peter N. M. Hansteen wrote:
Raimo Niskanen [EMAIL PROTECTED] writes:
If a backscatter gets through to sendmail, and it is to an invalid
user, what is the proper thing for sendmail to do? My sendmail
most probably does the
On Fri, 8 Feb 2008 15:36:01 +0100, Raimo Niskanen wrote:
On Fri, Feb 08, 2008 at 10:08:19PM +1100, Rod Whitworth wrote:
On Fri, 8 Feb 2008 11:07:15 +0100, Raimo Niskanen wrote:
:
:
* To make the greylist herustics validate the hosts
by reverse DNS PTR lookup and then forward A lookup
is
19 matches
Mail list logo