Results 1 to 9 of 9
-
05-27-2005, 11:40 AM #1Web Hosting Guru
- Join Date
- Jul 2004
- Location
- Reporting Live from Marrz
- Posts
- 257
Postfix and Dictionary Attack Banning
I am watching the stinking spammer run his puny dictionary attack on one of our hosted main sites slowly whole day. There is an option for the non-existent account attempts to delay the delivery after xx seconds, and it works. In the whole day, he managed to try maybe 8-10 names from his dictionary.
However... is there a possibility or an add-on to ban the IP attempting such actions after X attempts for X seconds/minutes?
Thanks,
-
05-27-2005, 02:02 PM #2ThirtySx Bits Forever!
- Join Date
- Jul 2001
- Location
- Canada
- Posts
- 1,284
There was a discussion of this on the ev1servers forum ...
http://forum.ev1servers.net/printthread.php?t=50435
Hope it helps."Obsolesence is just a lack of imagination."
-
05-27-2005, 03:55 PM #3Web Hosting Guru
- Join Date
- Jul 2004
- Location
- Reporting Live from Marrz
- Posts
- 257
Hm... boy, that is a LOOONG discussion I will read up on it, see what comes up.
Thanks
-
05-27-2005, 04:34 PM #4learning is in the doing
- Join Date
- Sep 2000
- Location
- Alberta, Canada
- Posts
- 3,146
Dictionary Attack Prevention
http://www.configserver.com/free/eximdeny.html
That is a script (for WHM / Exim) that I've used and had some sucess with. And it's Free too!• PotentProducts.com - for all your Hosting needs
• Helping people Host, Create and Maintain their Web Site
• ServerAdmin Services also available
-
05-27-2005, 05:00 PM #5Web Hosting Guru
- Join Date
- Jul 2004
- Location
- Reporting Live from Marrz
- Posts
- 257
Yup, was using it before while on Exim... I am just snooping around for something for Postfix, before I try to mix something up myself... haven't found anything yet, though.
-
05-27-2005, 05:31 PM #6learning is in the doing
- Join Date
- Sep 2000
- Location
- Alberta, Canada
- Posts
- 3,146
Then you might want to try this "Greylisting" script. Works with almost anything.
http://projects.puremagic.com/greylisting/links.html• PotentProducts.com - for all your Hosting needs
• Helping people Host, Create and Maintain their Web Site
• ServerAdmin Services also available
-
05-27-2005, 06:20 PM #7Web Hosting Guru
- Join Date
- Jul 2004
- Location
- Reporting Live from Marrz
- Posts
- 257
Thanks, I was just browsing greylisting.org planning to implement grey- and whitelisting. Postfix has a somewhat simplified greylisting ability built in (not on by default though) so I was looking at it, but I will surely look into the script you posted me.
And as whitelisting is strongly adviced with greylisting, would this list:
http://cvs.puremagic.com/viewcvs/gre...itelist_ip.txt
be OK for whitelisting?
Thanks again
-
05-27-2005, 06:24 PM #8learning is in the doing
- Join Date
- Sep 2000
- Location
- Alberta, Canada
- Posts
- 3,146
I've also preferred whitelisting as a default. Makes it easier to keep track of those blacklisted.
• PotentProducts.com - for all your Hosting needs
• Helping people Host, Create and Maintain their Web Site
• ServerAdmin Services also available
-
05-28-2005, 10:23 AM #9Web Hosting Guru
- Join Date
- Jul 2004
- Location
- Reporting Live from Marrz
- Posts
- 257
Thanks!