CC:
Hi List,
i am having a security issue sort of, and was wondering if you know any solutions to this. Someone is bombarding my server with mail, forcing sendmail to run the max allowed child processes and start to reject > requests to send mail. what techniques could i use to filter the traffic to > sendmail before it acctually hits the daemon, and therefor prevent the high load > on it?
regards Evert Smit
Hello Evert, what's about placing a port-forwarder between the incoming stuff (port 25) an your smtpd. (inetd-config ...) Within the script you can scan for "MAILER-DAEMON@" or some more appropriate already during the login (HELO/EHLO .. RCPT TO a.s.o.) and simply/rough abort the connection if needed. This should take less system-resources than childen the whole smtpd. There are enough script-sceletons out there i think -- O'Reilly :-) If needed i can send you one .... Regards Kristofer Hoelzer