SMTP flood + spamdb

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

To: <misc@...>

Date: Sunday, September 23, 2007 - 6:33 pm

Hi all,

At around 1:40 PM (PDT) my SMTP server started getting flooded
by enormous amount of connections. The connections were for
seemingly random "users" @my-domain-name.

I'm running spamdb in greylist mode, but these servers were
getting white-listed very quickly.

$ /usr/sbin/spamdb | /usr/bin/grep -c ^WHITE
717

Typical value for above is not more than 20. Traffic going
in/out of my mail-server is minimal.

I would remove them from the WHITE list and they would fill up
almost immediately.

My guess is someone is using these faked addresses (user@my-domain)
to send out SPAM and I'm getting the bounces from these.

I'm basically looking for opinions as how to combat this problem
right now. I'm not even 100% on the bounced email theory, but
this had happened to me once before back in May 2003, but the
bounces were mainly from gc.ca domain.

I use gmane to read the list. If not too much to ask, please CC
me on your reply(ies).

Thanks,
--patrick

p.s., Server is running cvs updated -rOPENBSD_4_1 code.

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

SMTP flood + spamdb, patrick keshishian, (Sun Sep 23, 6:33 pm)

Re: SMTP flood + spamdb, Peter N. M. Hansteen, (Mon Sep 24, 1:34 am)

Re: SMTP flood + spamdb, patrick keshishian, (Tue Sep 25, 3:08 am)

Re: SMTP flood + spamdb, Craig Skinner, (Tue Sep 25, 4:38 am)

Re: SMTP flood + spamdb, RW, (Tue Sep 25, 7:00 am)

Re: SMTP flood + spamdb, Liviu Daia, (Tue Sep 25, 7:14 am)

Re: SMTP flood + spamdb, RW, (Tue Sep 25, 7:17 pm)

Re: SMTP flood + spamdb, Liviu Daia, (Tue Sep 25, 8:16 pm)

Re: SMTP flood + spamdb, RW, (Wed Sep 26, 12:25 am)

Re: SMTP flood + spamdb, Craig Skinner, (Tue Sep 25, 7:40 am)

Re: SMTP flood + spamdb, RW, (Tue Sep 25, 7:04 pm)

Re: SMTP flood + spamdb, Craig Skinner, (Wed Sep 26, 4:00 am)

Re: SMTP flood + spamdb, Liviu Daia, (Wed Sep 26, 7:18 am)

Re: SMTP flood + spamdb, Damien Miller, (Wed Sep 26, 8:45 am)

Re: SMTP flood + spamdb, Liviu Daia, (Wed Sep 26, 9:27 am)

Re: SMTP flood + spamdb, Jeremy C. Reed, (Wed Sep 26, 9:51 am)

Re: SMTP flood + spamdb, Craig Skinner, (Wed Sep 26, 9:41 am)

Re: SMTP flood + spamdb, Liviu Daia, (Wed Sep 26, 10:02 am)

Re: SMTP flood + spamdb, Eric Johnson, (Thu Sep 27, 5:45 am)

Re: SMTP flood + spamdb, Dave Anderson, (Wed Sep 26, 11:03 am)

Re: SMTP flood + spamdb, Peter N. M. Hansteen, (Wed Sep 26, 11:26 am)

Re: SMTP flood + spamdb, RW, (Wed Sep 26, 6:21 pm)

Re: SMTP flood + spamdb, Stuart Henderson, (Wed Sep 26, 11:23 am)

Re: SMTP flood + spamdb, Peter N. M. Hansteen, (Wed Sep 26, 10:54 am)

Re: SMTP flood + spamdb, Liviu Daia, (Wed Sep 26, 1:05 pm)

Re: SMTP flood + spamdb, Rob, (Wed Sep 26, 5:03 pm)

Re: SMTP flood + spamdb, Hannah Schroeter, (Wed Sep 26, 5:33 pm)

Re: SMTP flood + spamdb, Rob, (Wed Sep 26, 5:51 pm)

Re: SMTP flood + spamdb, Peter N. M. Hansteen, (Wed Sep 26, 6:17 pm)

Re: SMTP flood + spamdb, Jeremy C. Reed, (Wed Sep 26, 1:48 pm)

Re: SMTP flood + spamdb, Liviu Daia, (Wed Sep 26, 2:16 pm)

Re: SMTP flood + spamdb, Bob Beck, (Wed Sep 26, 1:22 pm)

Re: SMTP flood + spamdb, Juan Miscaro, (Thu Sep 27, 12:36 pm)

Re: SMTP flood + spamdb, Bob Beck, (Thu Sep 27, 1:50 pm)

Re: SMTP flood + spamdb, Kurt Mosiejczuk, (Thu Sep 27, 2:04 pm)

Re: SMTP flood + spamdb, Liviu Daia, (Wed Sep 26, 2:13 pm)

Re: SMTP flood + spamdb, Craig Skinner, (Wed Sep 26, 10:29 am)

Re: SMTP flood + spamdb, Luca Corti, (Wed Sep 26, 10:22 am)

Re: SMTP flood + spamdb, Liviu Daia, (Wed Sep 26, 10:38 am)

Re: SMTP flood + spamdb, Luca Corti, (Wed Sep 26, 11:59 am)

Re: SMTP flood + spamdb, Liviu Daia, (Wed Sep 26, 10:48 am)

Re: SMTP flood + spamdb, Craig Skinner, (Wed Sep 26, 11:01 am)

Re: SMTP flood + spamdb, Luca Corti, (Wed Sep 26, 12:06 pm)

Re: SMTP flood + spamdb, Peter N. M. Hansteen, (Wed Sep 26, 4:46 am)

Re: SMTP flood + spamdb, Peter N. M. Hansteen, (Tue Sep 25, 7:22 am)

Re: SMTP flood + spamdb, Peter N. M. Hansteen, (Tue Sep 25, 4:50 am)

Re: SMTP flood + spamdb, Peter N. M. Hansteen, (Tue Sep 25, 3:38 am)

Re: SMTP flood + spamdb, Darrin Chandler, (Sun Sep 23, 8:39 pm)

Re: SMTP flood + spamdb, patrick keshishian, (Sun Sep 23, 11:53 pm)

Re: SMTP flood + spamdb, Stuart Henderson, (Mon Sep 24, 6:47 am)

Re: SMTP flood + spamdb, patrick keshishian, (Mon Sep 24, 11:01 pm)

Re: SMTP flood + spamdb, Stuart Henderson, (Tue Sep 25, 5:29 am)

Re: SMTP flood + spamdb, Stuart Henderson, (Tue Sep 25, 6:56 am)

Re: SMTP flood + spamdb, Craig Skinner, (Tue Sep 25, 7:30 am)

Re: SMTP flood + spamdb, Chris Smith, (Tue Sep 25, 10:51 am)

Re: SMTP flood + spamdb, Craig Skinner, (Wed Sep 26, 3:50 am)

Re: SMTP flood + spamdb, Peter N. M. Hansteen, (Tue Sep 25, 6:36 am)

Re: SMTP flood + spamdb, Daniel Ouellet, (Sun Sep 23, 11:58 pm)


linux-kernel:
KOSAKI Motohiro	[bug?] tg3: Failed to load firmware "tigon/tg3_tso.bin"
Faik Uygur	Re: Linux 2.6.21-rc1
Greg KH	[GIT PATCH] driver core patches against 2.6.24
Trent Piepho	[PATCH] [POWERPC] Improve (in\|out)_beXX() asm code
git:

linux-netdev:
Jarek Poplawski	[PATCH] pkt_sched: Destroy gen estimators under rtnl_lock().
David Miller	[GIT]: Networking
Gerrit Renker	[PATCH 27/37] dccp: Integration of dynamic feature activation - part 2 (server side)
Jens Axboe	Re: [BUG] New Kernel Bugs
openbsd-misc:

SMTP flood + spamdb

Online users