[lug] iptables limit

Joseph McDonald joem at uu.net
Sun Jan 26 00:06:06 MST 2003


On Fri, Jan 24, 2003 at 09:53:38PM -0700, Jeff wrote:
> Not sure what mail server you're using, but if you're using postfix there
> should be something.  I remember seeing something like that as I was
> setting up my spam rules.
> 
> Jeff
> 
> jd wrote:
> > 
> > Hello,
> > 
> >   I am trying to stop mailbombs. I have received a few, or should
> > I say a few thousand mails in a matter of minutes...all bogus.
> > Sometimes the mail is sent from the same IP, sometimes it
> > comes from different IPs.
> >  So, I was wondering if anyone has used the iptables limit module
> > to combat stuff like this. Could someone post an example
> > using the limit module? I would like to block more than 50 connections
> > in a 5 min time frame from anyone. Or is there another way to
> > deal with DoS caused by resource consumption?

Have you thought about rate limiting? Maybe take a look at the
Bandwidth-Limiting-HOWTO, specifically the section on: Dealing with
Other Bandwidth-consuming Protocols Using CBQ. That's not going to
resolve your 50 connections/5 min. scenario but it's an idea. It's
what we used to do on our old BSD/OS mail server.

	--joey
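
For the per-source limit asked about in the quoted question (50 connections in 5 minutes), here is an added example that is not part of the original thread: a shell function that prints an iptables-restore fragment using the hashlimit match, with the plain limit match shown commented out for comparison. The port, the chain name SMTP_LIMIT and the availability of the hashlimit match are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Assumed: SMTP on tcp/25, chain name
# SMTP_LIMIT (hypothetical), kernel/iptables with the hashlimit match.
PORT=25         # assumed SMTP listener port
MAX_CONN=50     # from the question: more than 50 connections ...
WINDOW_MIN=5    # ... in a 5 minute window, per source address

# 50 per 5 min becomes a token bucket refilled at 10/minute.
rate_per_min() {
    echo $(( MAX_CONN / WINDOW_MIN ))
}

# Print an iptables-restore fragment. Nothing is applied until it is piped
# into: iptables-restore --noflush
smtp_rules() {
    rate=$(rate_per_min)
    expire_ms=$(( WINDOW_MIN * 60 * 1000 ))
    cat <<EOF
*filter
:SMTP_LIMIT - [0:0]
# Count only new connections (SYN); established sessions are not touched.
-A INPUT -p tcp --dport $PORT --syn -j SMTP_LIMIT
# Weak form, left commented out: plain "limit" keeps ONE bucket for all
# sources, so a single flooding host uses up everyone's allowance.
# -A SMTP_LIMIT -m limit --limit ${rate}/minute --limit-burst $MAX_CONN -j ACCEPT
# Per-source form: one bucket per source IP, idle entries expire after the window.
-A SMTP_LIMIT -m hashlimit --hashlimit-name smtp --hashlimit-mode srcip --hashlimit-upto ${rate}/minute --hashlimit-burst $MAX_CONN --hashlimit-htable-expire $expire_ms -j ACCEPT
# Over the limit: log at a capped rate (so the log is not flooded), then reset.
-A SMTP_LIMIT -m limit --limit 6/minute -j LOG --log-prefix "smtp-ratelimit: "
-A SMTP_LIMIT -p tcp -j REJECT --reject-with tcp-reset
COMMIT
EOF
}

smtp_rules
```

A full bucket lets one source open 50 connections at once and then 10 per minute, so this approximates the 5 minute window rather than enforcing it exactly. It does not help when the flood is spread across many source addresses, which is where shaping as suggested above or limits in the mail server come in.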


