"Limit maximum number of failed RCPTs" also for seperate connections

Slab

posted Jun 20 '07 at 9:19 pm

I actually set mine to 1. It prevents the hammering. As for legit emails, a legit email will retry again some time after the blacklist clears.

I actually set mine to 1.&nbsp; It prevents the hammering.&nbsp; As for legit emails,&nbsp;a legit email will retry again some time after the blacklist clears.

axel

posted Jun 18 '07 at 11:14 am

This compliance feature is great, but it works only if failed RCPTs are in one session.

We often get 50+ connections (concurrent or within minutes) from same IP which are all ending with user unknown. But as these are seperate sessions there is no way to automatically blacklist them.

For us it would be a great feature if it would be possible to blacklist these IPs the same way as it is done within one session.

This compliance feature is great, but it works only if failed RCPTs are in one session. We often get 50+ connections (concurrent or within minutes) from same IP which are all ending with user unknown. But as these are seperate sessions there is no way to automatically blacklist them. For us it would be a great feature if it would be possible to blacklist these IPs the same way as it is done within one session.

PaulW

posted Jun 18 '07 at 11:38 am

I've never tried this, but if you set the maximum failures to 1 won't that blacklist the IP? There should not be many legitimate senders affected by this, but it may be necessary to monitor the logs to check.

I've never tried this, but if you set the maximum failures to 1 won't that blacklist the IP?&nbsp; There should not be&nbsp;many legitimate senders affected by this, but it may be necessary to monitor the logs to check. &nbsp;

axel

posted Jun 18 '07 at 12:51 pm

1 is not a good idea, as any legitimate sender who makes a mistake will get blacklisted. We often get mails addressed to several local users and if one leaves the company some time later we remove his/her mailbox - so a mail to this now unknown user would blacklist the sender.

1 is not a good idea, as any legitimate sender who makes a mistake will get blacklisted. We often get mails addressed to several local users and if one leaves the company some time later we remove his/her mailbox - so a mail to this now&nbsp;unknown user would blacklist the sender. &nbsp;

David Harris

posted Jun 19 '07 at 4:55 pm

I agree - I wouldn't be comfortable recommending that anyone use a value lower than 3 for failed RCPTs.

As for the original question... I know exactly what you're describing (I see the same kind of probing on my production server most days), but I can't offer a solution at this stage, sorry.

Cheers!

-- David --

I agree - I wouldn't be comfortable recommending that anyone use a value lower than 3 for failed RCPTs. As for the original question...&nbsp; I know exactly what you're describing (I see the same kind of probing on my production server most days), but I can't offer a solution at this stage, sorry. Cheers! -- David --

axel

posted Jun 20 '07 at 4:00 pm

Hello David,

At first thank you for your great software.

My question was only a suggestion for a future release and it is good to know that you also get these kind of connections.

Regards from Germany
Axel

Hello David, At first thank you for your great software. My question was only a suggestion for a future release and it is good to know that you also get these kind of connections. Regards from Germany Axel

Related Topics

Pending draft

Confirm move posts

Insufficient permissions

Select a different topic

Edit history