Re: Connection throttling POP3.

On May 22, 2007, at 10:34, Philip H. O'Neill wrote:

We do the same but there is an issue.

One File::Tail delays polling the log for up to 30 seconds unless you
tell it otherwise. So it will allow a number of attempts before reading
the log. If you increase the polling you add load to the system. Not
much but some.

We like the idea of adding the timer to iptables along with logging so
the address can be tracked. If the address comes back then it can be
added to a permanent block.

We're not running this on Linux (no iptables) but using Solaris' ipfilter. The timer function seems nice; we just have the daemon keep a database of the 'bad' IPs and release the block whenever one times out.

It's not, by any means, the "perfect" solution* -- there is no such thing. However, it's quick, easy, and stops 99% of your problems.

*security people seem to obsess on "perfect" solutions.  It bothers me.

-rob

----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
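
The scheme discussed in this thread (timed blocks kept in a small database, released on timeout, made permanent when an address comes back), sketched as an added example that is not part of the original message or either poster's daemon. The log line format, the thresholds and the `BlockTracker` name are assumptions; the code only returns block/unblock decisions and leaves applying them to ipfilter or iptables to the caller.

```python
import re
from collections import defaultdict, deque

# Constructed log format (an assumption, not real Cyrus syslog output):
#   "<epoch-seconds> pop3 badlogin ip=<address>"
FAIL_RE = re.compile(r"^(\d+) pop3 badlogin ip=(\S+)$")

class BlockTracker:
    """Timed blocks that escalate to permanent when an address returns."""
    def __init__(self, max_fails=3, window=60, block_secs=600):
        self.max_fails, self.window, self.block_secs = max_fails, window, block_secs
        self.fails = defaultdict(deque)   # ip -> timestamps of recent failures
        self.blocked = {}                 # ip -> expiry time, None = permanent
        self.offences = defaultdict(int)  # ip -> blocks earned so far

    def expire(self, now):
        """Release timed blocks whose timer has run out; return those IPs."""
        done = sorted(ip for ip, exp in self.blocked.items()
                      if exp is not None and exp <= now)
        for ip in done:
            del self.blocked[ip]
        return done

    def feed(self, line):
        """Handle one log line; return a list of (action, ip) decisions."""
        m = FAIL_RE.match(line.strip())
        if not m:
            return []
        # Use the timestamp in the line, not the read time, so a batch read
        # after a polling delay is still counted against the right window.
        now, ip = int(m.group(1)), m.group(2)
        actions = [("unblock", r) for r in self.expire(now)]
        if ip in self.blocked:
            return actions  # attempt logged before the block took effect
        q = self.fails[ip]
        q.append(now)
        while q and q[0] <= now - self.window:
            q.popleft()
        if len(q) >= self.max_fails:
            q.clear()
            self.offences[ip] += 1
            permanent = self.offences[ip] > 1  # came back after a timed block
            self.blocked[ip] = None if permanent else now + self.block_secs
            actions.append(("block-permanent" if permanent else "block", ip))
        return actions

# Constructed sample input using documentation-range addresses.
SAMPLE = ["%d pop3 badlogin ip=%s" % (t, ip) for t, ip in [
    (100, "192.0.2.10"), (105, "192.0.2.10"), (110, "192.0.2.10"),
    (120, "198.51.100.7"),
    (800, "192.0.2.10"), (805, "192.0.2.10"), (810, "192.0.2.10")]]

def replay(lines, **kw):
    tracker = BlockTracker(**kw)
    return [a for line in lines for a in tracker.feed(line)]
```
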
