On Nov 29, 2006, at 2:49 PM, Matt wrote:
For the past week one of my virtual
domains has been slammed by what appears to be a distributed spam
attack. I have the validrcptto patch
(http://qmail.jms1.net/patches/combined-6c5.shtml)
installed - so at least I don't have 80,000 messages trying to bounce.
At first it was a big deal because it assisted in maxing out my remote
concurrency, but that has subsided quite a bit now - so now it's just
annoying me. Is there any real solutions to deal with this? I could
add the ip addresses to my iptables . . . but boy would that be a
lot of
ip's.
i had the exact same problem over the weekend. firewalling the ip
addresses wouldn't have worked, there were simply way too many. so
what i did was change the mx record of that particular domain so it
pointed to a new server. yesterday things finally went back to normal
so i was able to change the mx back to the original server.
it's not really a solution, but it helps you getting through such an
attack without losing mails or compromising your other virtual
domains. so, i am also interested in how others deal with this.
so long,
randy
|