OT: third party relay attack
Steffen Nurpmeso
steffen at sdaoden.eu
Wed Jan 15 14:22:25 PST 2020
Jordan Geoghegan wrote in <a0b2e6b6-5710-f40b-c626-52b57eb3d362 at geoghega\
n.ca>:
|
|
|On 2020-01-10 03:04, Pierre Abbat wrote:
|> My mailserver is being attacked by what looks like a botnet since \
|> December 16
|> at 6:07 (11:07 UTC). Many hosts all over the world are sending mail \
|> purporting
|> to be from many domains all over the world to a few domains in Russia. \
|> Most of
|> the IP addresses are blocked by uceprotect.net; a few are blocked \
|> by other
|> blocklists. A few are not blocked, but are rejected with "Relay access
|> denied". The messages come at a rate of several per second.
|>
|> There are 133 emails stuck in leaf's mail queue, but they do not \
|> appear to be
|> related to this attack.
|>
|> Pierre
|
|When dealing with spam, there is no magic one size fits all solution. In
|order to mitigate spam, you'll need to come up with a multi-layered
|anti-spam solution.
|
| I'm not sure what Steffans issue with OpenSMTPD was, it sounds like he
|made himself an open relay. I've run OpenSMTPD for a while now and its
|been working wonderfully for me.
My issue was in 2017. I ran OpenSMTPD for a few days before
2017-10-28. Nice that it works for you.
--steffen
|
|Der Kragenbaer, The moon bear,
|der holt sich munter he cheerfully and one by one
|einen nach dem anderen runter wa.ks himself off
|(By Robert Gernhardt)
More information about the Users
mailing list