Results 1 to 5 of 5
  1. #1

    Angry Throttling/limiting SMTP - block spammers

    Anyone have any tips on throttling/alerting to mass smtp sends from your servers? Anything built into sendmail i can tinker with?

    We already do the relay checks and several others, but they don't do much to prevent anything internal to the server from going nuts.. had a user i just had to "fire" for running this script.

    any suggestions?

  2. #2
    Join Date
    Sep 2002
    Location
    Mansfield
    Posts
    314
    100th post! On my favorite topic, Qmail!

    If using Qmail is not an option I apologize in advance.

    There is a setting called concurrency remote that limits the number of outbound emails.

    Coupled with a queue monitor that pages out when the queue reaches a pre-set limit, we are able to manage 500+ mail domains.

    Qmail also allows the mail to stop while pop & smtp still work, so the users never know no mail is moving.

    We then can look at the queue, delete from it if needed, LART the offender, and move on.
    GUI admin tools have no honor. It is a good day to vi.

  3. #3
    Hosting machines are Ensim(hence sendmail).

    what i'll probably do is build a dedicated outbound relay that all the hosting servers forward to and run qmail on there as that seems to be the best solution.. probably use this for all inbound/outbound traffic before it hits the individual servers. (also gives me better failover).

    would qmail be able to operate in such a fashion or does it require local accounts for all users to check against?

    thanks!

  4. #4
    Join Date
    Sep 2002
    Location
    Mansfield
    Posts
    314
    For the inbound stuff look into smtproutes. Add an MX record and voila' - inbound filtering. You can keep your virus scan/RBLsmtpd there. Stuff eats CPU/Mem.

    For out bound it's no different than setting up a relay for webforms/formail

    Users POP & SMTP from their same server, never know what happened.
    GUI admin tools have no honor. It is a good day to vi.

  5. #5
    The most profitable way I can think of to attack the problem is to
    have your customers agree to a no-spam policy, prior to turning up
    their service, that has some teeth in it that will cause them some
    financial pain if they spam - say $500 for clean up....

    We've had more problems with people have exploitable scripts on their
    web sites that non-customers exploit than customers spamming directly.

    Your mileage may vary...

    Darin
    [COLOR=royal blue]Deru[/COLOR] Communications
    www.deru.net

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •