Connection throttling POP3.
blake at ispn.net
Mon May 21 16:36:34 EDT 2007
Andrew Morgan wrote:
> On Mon, 21 May 2007, Matthew Schumacher wrote:
>> And this spammer is racking up a zillion processes which is killing my
>> machine. I need a way to throttle this somehow where he is only allowed
>> one connection per IP at a time, or perhaps a way to ignore them after
>> so many invalid passwords.
>> Anyone know of a way to do this?
> You can use tcp-wrappers to block connections from that IP address
> entirely. I believe there are also some solutions to monitor
> connections and automatically add IP addresses to the /etc/hosts.deny
> file, but I've never used them myself.
These types of threats are becoming more and more common and in reaction
awareness is increasing and more software seems to be implementing
mechanisms to cope. I would personally love to see Cyrus implement some
sort of connection limit or throttling per IP/network/user. The current
process limits do help ensure that one daemon does not make the machine
unusable, but does nothing to prevent a DoS attack.
More information about the Info-cyrus