Connection throttling POP3.
Blake Hudson
blake at ispn.net
Mon May 21 16:36:34 EDT 2007
Andrew Morgan wrote:
> On Mon, 21 May 2007, Matthew Schumacher wrote:
>
>> List,
>>
>> And this spammer is racking up a zillion processes which is killing my
>> machine. I need a way to throttle this somehow where he is only allowed
>> one connection per IP at a time, or perhaps a way to ignore them after
>> so many invalid passwords.
>>
>> Anyone know of a way to do this?
>
> You can use tcp-wrappers to block connections from that IP address
> entirely. I believe there are also some solutions to monitor
> connections and automatically add IP addresses to the /etc/hosts.deny
> file, but I've never used them myself.
>
> Andy
These types of threats are becoming more and more common and in reaction
awareness is increasing and more software seems to be implementing
mechanisms to cope. I would personally love to see Cyrus implement some
sort of connection limit or throttling per IP/network/user. The current
process limits do help ensure that one daemon does not make the machine
unusable, but does nothing to prevent a DoS attack.
-Blake
More information about the Info-cyrus
mailing list