Shiv. Nath wrote:
> On 6/14/12 11:33 PM, Gustavo Lacoste wrote:
>> Dear CentOS Community
>>
>> Is totally clear there's no support sendmail platform today, but I need
>> to stop SMTP brute-force attack on sendmail. My server is attacked today,
>> my maillog look like :
>>
>> 4624@xxxxxxxxxxxx>, proto=ESMTP, daemon=MTA, relay=myserver.com
>> [127.0.0.1]
>> Jun 14 19:07:01 at6412 sendmail[24627]: q5EN71jC024627: from=<>,
>> size=3958,
>> class=0, nrcpts=1, msgid=<201206142307.q5EN710u024623@xxxxxxxxxxxx>,
>> proto=ESMTP, daemon=MTA, relay=myserver.com [127.0.0.1]
<snip>
>> I need help for STOP this spamers right now.
>
> there are few solutions available to do this.
>
> 1.) install & configure fail2ban
>
> 2.) Using IP Tables: i don't know if it is applicable to you
<snip>
I strongly encourage you to use fail2ban. Which, btw, rewrites iptables
rules on the fly....
Speaking of which... are other folks seeing a low-level (that is, hit, try
later, hit, try later, etc, over weeks, rather than trytrytrytrytrytrytry
in one shot) from
inetnum: 91.201.64.0 - 91.201.67.255
netname: Donekoserv
descr: DonEkoService Ltd
country: RU
This is explicitly against PMA, which I gather, is apache-pma.
mark
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
