login
Login / Register
Header Space

 
 

Home » Mailing list archives » openbsd-misc » 2007 » September » 23

SMTP flood + spamdb

Score:
Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
[view in full thread]
From: patrick keshishian <pkeshish@...>
To: <misc@...>
Subject: SMTP flood + spamdb
Date: Sunday, September 23, 2007 - 6:33 pm

Hi all,

At around 1:40 PM (PDT) my SMTP server started getting flooded
by enormous amount of connections.  The connections were for
seemingly random "users" @my-domain-name.

I'm running spamdb in greylist mode, but these servers were
getting white-listed very quickly.

$ /usr/sbin/spamdb | /usr/bin/grep -c ^WHITE
717

Typical value for above is not more than 20.  Traffic going
in/out of my mail-server is minimal.

I would remove them from the WHITE list and they would fill up
almost immediately.

My guess is someone is using these faked addresses (user@my-domain)
to send out SPAM and I'm getting the bounces from these.

I'm basically looking for opinions as how to combat this problem
right now.  I'm not even 100% on the bounced email theory, but
this had happened to me once before back in May 2003, but the
bounces were mainly from gc.ca domain.

I use gmane to read the list. If not too much to ask, please CC
me on your reply(ies).

Thanks,
--patrick

p.s., Server is running cvs updated -rOPENBSD_4_1 code.
Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
Messages in current thread:
SMTP flood + spamdb, patrick keshishian, (Sun Sep 23, 6:33 pm)
Re: SMTP flood + spamdb, Peter N. M. Hansteen, (Mon Sep 24, 1:34 am)
Re: SMTP flood + spamdb, patrick keshishian, (Tue Sep 25, 3:08 am)
Re: SMTP flood + spamdb, Craig Skinner, (Tue Sep 25, 4:38 am)
Re: SMTP flood + spamdb, RW, (Tue Sep 25, 7:00 am)
Re: SMTP flood + spamdb, Liviu Daia, (Tue Sep 25, 7:14 am)
Re: SMTP flood + spamdb, RW, (Tue Sep 25, 7:17 pm)
Re: SMTP flood + spamdb, Liviu Daia, (Tue Sep 25, 8:16 pm)
Re: SMTP flood + spamdb, RW, (Wed Sep 26, 12:25 am)
Re: SMTP flood + spamdb, Craig Skinner, (Tue Sep 25, 7:40 am)
Re: SMTP flood + spamdb, RW, (Tue Sep 25, 7:04 pm)
Re: SMTP flood + spamdb, Craig Skinner, (Wed Sep 26, 4:00 am)
Re: SMTP flood + spamdb, Liviu Daia, (Wed Sep 26, 7:18 am)
Re: SMTP flood + spamdb, Damien Miller, (Wed Sep 26, 8:45 am)
Re: SMTP flood + spamdb, Liviu Daia, (Wed Sep 26, 9:27 am)
Re: SMTP flood + spamdb, Jeremy C. Reed, (Wed Sep 26, 9:51 am)
Re: SMTP flood + spamdb, Craig Skinner, (Wed Sep 26, 9:41 am)
Re: SMTP flood + spamdb, Liviu Daia, (Wed Sep 26, 10:02 am)
Re: SMTP flood + spamdb, Eric Johnson, (Thu Sep 27, 5:45 am)
Re: SMTP flood + spamdb, Dave Anderson, (Wed Sep 26, 11:03 am)
Re: SMTP flood + spamdb, Peter N. M. Hansteen, (Wed Sep 26, 11:26 am)
Re: SMTP flood + spamdb, RW, (Wed Sep 26, 6:21 pm)
Re: SMTP flood + spamdb, Stuart Henderson, (Wed Sep 26, 11:23 am)
Re: SMTP flood + spamdb, Peter N. M. Hansteen, (Wed Sep 26, 10:54 am)
Re: SMTP flood + spamdb, Liviu Daia, (Wed Sep 26, 1:05 pm)
Re: SMTP flood + spamdb, Rob, (Wed Sep 26, 5:03 pm)
Re: SMTP flood + spamdb, Hannah Schroeter, (Wed Sep 26, 5:33 pm)
Re: SMTP flood + spamdb, Rob, (Wed Sep 26, 5:51 pm)
Re: SMTP flood + spamdb, Peter N. M. Hansteen, (Wed Sep 26, 6:17 pm)
Re: SMTP flood + spamdb, Jeremy C. Reed, (Wed Sep 26, 1:48 pm)
Re: SMTP flood + spamdb, Liviu Daia, (Wed Sep 26, 2:16 pm)
Re: SMTP flood + spamdb, Bob Beck, (Wed Sep 26, 1:22 pm)
Re: SMTP flood + spamdb, Juan Miscaro, (Thu Sep 27, 12:36 pm)
Re: SMTP flood + spamdb, Bob Beck, (Thu Sep 27, 1:50 pm)
Re: SMTP flood + spamdb, Kurt Mosiejczuk, (Thu Sep 27, 2:04 pm)
Re: SMTP flood + spamdb, Liviu Daia, (Wed Sep 26, 2:13 pm)
Re: SMTP flood + spamdb, Craig Skinner, (Wed Sep 26, 10:29 am)
Re: SMTP flood + spamdb, Luca Corti, (Wed Sep 26, 10:22 am)
Re: SMTP flood + spamdb, Liviu Daia, (Wed Sep 26, 10:38 am)
Re: SMTP flood + spamdb, Luca Corti, (Wed Sep 26, 11:59 am)
Re: SMTP flood + spamdb, Liviu Daia, (Wed Sep 26, 10:48 am)
Re: SMTP flood + spamdb, Craig Skinner, (Wed Sep 26, 11:01 am)
Re: SMTP flood + spamdb, Luca Corti, (Wed Sep 26, 12:06 pm)
Re: SMTP flood + spamdb, Peter N. M. Hansteen, (Wed Sep 26, 4:46 am)
Re: SMTP flood + spamdb, Peter N. M. Hansteen, (Tue Sep 25, 7:22 am)
Re: SMTP flood + spamdb, Peter N. M. Hansteen, (Tue Sep 25, 4:50 am)
Re: SMTP flood + spamdb, Peter N. M. Hansteen, (Tue Sep 25, 3:38 am)
Re: SMTP flood + spamdb, Darrin Chandler, (Sun Sep 23, 8:39 pm)
Re: SMTP flood + spamdb, patrick keshishian, (Sun Sep 23, 11:53 pm)
Re: SMTP flood + spamdb, Stuart Henderson, (Mon Sep 24, 6:47 am)
Re: SMTP flood + spamdb, patrick keshishian, (Mon Sep 24, 11:01 pm)
Re: SMTP flood + spamdb, Stuart Henderson, (Tue Sep 25, 5:29 am)
Re: SMTP flood + spamdb, Stuart Henderson, (Tue Sep 25, 6:56 am)
Re: SMTP flood + spamdb, Craig Skinner, (Tue Sep 25, 7:30 am)
Re: SMTP flood + spamdb, Chris Smith, (Tue Sep 25, 10:51 am)
Re: SMTP flood + spamdb, Craig Skinner, (Wed Sep 26, 3:50 am)
Re: SMTP flood + spamdb, Peter N. M. Hansteen, (Tue Sep 25, 6:36 am)
Re: SMTP flood + spamdb, Daniel Ouellet, (Sun Sep 23, 11:58 pm)

Mail archive search
Enter your search terms.
Optionally limit your search to a specific mailing list.
advanced
Colocation donated by:
Who's online
There are currently 3 users and 1348 guests online.

Online users

Syndicate
Syndicate content
© 2007 KernelTrap.  |  Powered by Drupal.  |  Legal statement.
speck-geostationary