Craig White wrote: > > --- > there's no way to script that - you have to configure your smtp server > and since you don't mention which smtp server you are using nor what you > have looked at in terms of documentation, there's little anyone could > suggest. > > I did find a perl script from 2001 should be effective and I am testing now. It's called rumplekill.pl and the way it works is pretty simple. It greps for "Unknown user" in the last 1,000 entries in /var/log/maillog | counts the occurrences of the ip, if the count > $threshold then it writes that ip to a file /var/log/blocked_ips That's what I need. I am testing now. -- Chris Mason NetConcepts (264) 497-5670 Fax: (264) 497-8463 Int: (305) 704-7249 Fax: (815)301-9759 UK 44.207.183.0271 Cell: 264-235-5670 Yahoo IM: netconcepts_anguilla@xxxxxxxxx -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
Script to kill dictionary spam attacks
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: Script to kill dictionary spam attacks
- From: lists at masonc.com (Chris Mason (Lists))
- Date: Sun Mar 26 15:02:09 2006
- In-reply-to: <1143384583.10498.90.camel@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
- References: <442691DC.5010802@xxxxxxxxxx> <302ce8b50603260547g70769f66yaaeebe290f768b1a@xxxxxxxxxxxxxx> <4426A8FC.6050309@xxxxxxxxxx> <1143384583.10498.90.camel@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
- References:
- Script to kill dictionary spam attacks
- From: Chris Mason (Lists)
- Script to kill dictionary spam attacks
- From: Jim Perrin
- Script to kill dictionary spam attacks
- From: Chris Mason (Lists)
- Script to kill dictionary spam attacks
- From: Craig White
- Script to kill dictionary spam attacks
- Prev by Date: Advice on upgrading packages
- Next by Date: I am computer literate!
- Previous by thread: Script to kill dictionary spam attacks
- Next by thread: Script to kill dictionary spam attacks
- Index(es):
 |