From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1Iy4AP-0005Pg-GJ for garchives@archives.gentoo.org; Fri, 30 Nov 2007 11:36:21 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.14.2/8.14.0) with SMTP id lAUBYUgD002708; Fri, 30 Nov 2007 11:34:30 GMT Received: from wr-out-0506.google.com (wr-out-0506.google.com [64.233.184.227]) by robin.gentoo.org (8.14.2/8.14.0) with ESMTP id lAUBYTTc002703 for ; Fri, 30 Nov 2007 11:34:30 GMT Received: by wr-out-0506.google.com with SMTP id c49so1928828wra for ; Fri, 30 Nov 2007 03:34:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=9JtGkHM1+kg03migBniqKQex/d3+xNcG0YYW/q7AXho=; b=wL/eRXt2lV6cmYI4/NQJJwyVbo3NOu1vVSy8iyBXi0YgHOETyU3JXRDvAVysSDPIBLH0niFLJWQuA9PIeU/14+qpuQ0VpadelV+ANUj2GW/ApF5tjgR3jIDfgwLJNgNjH2PLzlO9Gh+z0q83AC6FV+gFG7KTI0u3Xx3tL3q/H0c= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=bSsUhGXm/gEZZEk7oRvEfA39OdSG8seoYlK25Ut1NlwflH7JN9TvYlTGshoZUcith+FRyLdaxZX1IPXzJxwbBuyFFFSWW6nLcxYfkN1AeMV9dP8LjbTnG9SA1+f2vQoX0rX3EFlPbl4U1aRxhyN0jb1tYQCyYe3SVM7pfCYYqaI= Received: by 10.143.1.2 with SMTP id d2mr546384wfi.1196422466717; Fri, 30 Nov 2007 03:34:26 -0800 (PST) Received: by 10.142.180.18 with HTTP; Fri, 30 Nov 2007 03:34:26 -0800 (PST) Message-ID: <279fbba40711300334k62b356eej90db419b06144aca@mail.gmail.com> Date: Fri, 30 Nov 2007 11:34:26 +0000 From: "Kerin Millar" To: gentoo-server@lists.gentoo.org Subject: Re: [gentoo-server] SMTP Woes In-Reply-To: <474FE475.7050402@buanzo.com.ar> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-server@gentoo.org Reply-to: gentoo-server@lists.gentoo.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <474FB504.5090209@electronsweatshop.com> <474FE475.7050402@buanzo.com.ar> X-Archives-Salt: 8f8c8064-7e6f-4dc3-b7e5-7cc60e8ed594 X-Archives-Hash: b39c49d4917c0b0864f0c4f8ef0750e1 On 30/11/2007, Arturo 'Buanzo' Busleiman wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > Randy Barlow wrote: > > I am getting a huge number of connections to my mail server (postfix) > > compared to usual. I've seen as many as 50 connections open at one > > time. The logs show that the connections are from several computers of > > varying IPs, and they are all trying to send mail to random mailboxes on > > my domain. It's very annoying, and I have noticed that inbound mail > > seems to be lagging by several hours. Is there something similar to > > denyhosts for spammers? Any other suggestions? > > Check those IPs against: www.robtex.com/rbl > Choose your favorite blacklists (test them, some of them provide too many false positives) and > implement with them DNSBL/RBL in your postfix. Also, SPF and greylisting make a good job. Regarding SPF, I'd just like to add that the SPF policy daemons (which can be integrated into postfix very easily) are available at http://www.openspf.org/Software. There are implementations in perl and python and, as luck would have it, the python version is available in portage as mail-filter/pypolicyd-spf. If you choose to endorse SPF then don't forget to define records for one's own domains! A helpful document describing SPF syntax can be found here: http://www.openspf.org/SPF_Record_Syntax. Regards, --Kerin -- gentoo-server@gentoo.org mailing list