> Justin Kim:
> > > > by 3000 messages and plus then my server is not coping well. I have
> > > > amavisd running too but I didn't have any problem until today for
> > > > about 6 months.
> > > > Can anyone give me a hand to manage those queues or incoming traffic?
> > > >
> > > > Thank you in advance,
> > >
> > > Do you have lots of MAILER-DAEMON messages trying to go to the network?
> > >
> > > Do you have lots of from=<> arriving from the network?
> > >
> > > Wietse
> > >
> >
> > Yes, I see a lot of MAILER-DAEMON messages.
> > And I have a cron job set up to clear those MAILER-DAEMON messages because
> > I thought those messages would be dropped anyway. I might be wrong; please
> > help me more.
>
> Use your favorite search engine for: recipient address validation.
>
> See also:
> http://www.postfix.org/BACKSCATTER_README.html
> http://www.postfix.org/postconf.5.html#relay_recipient_maps
> http://www.postfix.org/postconf.5.html#local_recipient_maps
>
> Wietse
>
Thank you,
If I want to implement this prevention method (dictionary attack
prevention), then how can I do it?
I understood the concept but I still don't know how to implement it.
Please help.
Justin.
2.3.3.3. Dictionary Attack Prevention
Dictionary Attack is a term used to describe SMTP transactions where the
sending host keeps issuing RCPT TO: commands to probe for possible recipient
addresses based on common names (often alphabetically starting with "aaron",
but sometimes starting later in the alphabet, and/or at random). If a
particular address is accepted by your server, that address is added into
the spammer's arsenal.
Some sites, particularly larger ones, find that they are frequent targets of
such attacks. From the spammer's perspective, chances of finding a given
username on a large site are better than on sites with only a few users.
One effective way to combat dictionary attacks is to issue increasing
transaction delays for each failed address. For instance, the first
non-existing recipient address can be rejected with a 20-second delay, the
second address with a 30-second delay, and so on.
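
An added example, not part of the original thread or of the quoted document: a log check that groups "User unknown" RCPT rejections by client IP to spot dictionary-style probing, and computes the cumulative delay the quoted schedule would impose. The log lines are constructed, the function names and the threshold are hypothetical, and the 10-second step after the second failure is an assumption extrapolated from "20 seconds, 30 seconds, and so on".

```python
import re
from collections import defaultdict

# Constructed sample of Postfix smtpd log lines (not taken from the thread).
SAMPLE_LOG = """\
Oct 12 10:00:00 mx postfix/smtpd[2101]: connect from unknown[192.0.2.10]
Oct 12 10:00:01 mx postfix/smtpd[2101]: NOQUEUE: reject: RCPT from unknown[192.0.2.10]: 550 5.1.1 <aaron@example.com>: Recipient address rejected: User unknown in relay recipient table; from=<a@spam.invalid> to=<aaron@example.com> proto=SMTP helo=<x>
Oct 12 10:00:02 mx postfix/smtpd[2101]: NOQUEUE: reject: RCPT from unknown[192.0.2.10]: 550 5.1.1 <abby@example.com>: Recipient address rejected: User unknown in relay recipient table; from=<a@spam.invalid> to=<abby@example.com> proto=SMTP helo=<x>
Oct 12 10:00:03 mx postfix/smtpd[2101]: NOQUEUE: reject: RCPT from unknown[192.0.2.10]: 550 5.1.1 <adam@example.com>: Recipient address rejected: User unknown in relay recipient table; from=<a@spam.invalid> to=<adam@example.com> proto=SMTP helo=<x>
Oct 12 10:00:04 mx postfix/smtpd[2101]: NOQUEUE: reject: RCPT from unknown[192.0.2.10]: 550 5.1.1 <alan@example.com>: Recipient address rejected: User unknown in relay recipient table; from=<a@spam.invalid> to=<alan@example.com> proto=SMTP helo=<x>
Oct 12 10:05:00 mx postfix/smtpd[2150]: NOQUEUE: reject: RCPT from mail.partner.invalid[198.51.100.7]: 550 5.1.1 <jusitn@example.com>: Recipient address rejected: User unknown in relay recipient table; from=<bob@partner.invalid> to=<jusitn@example.com> proto=ESMTP helo=<mail.partner.invalid>
"""

# Matches rejections of unknown recipients and captures client IP and address.
REJECT_RE = re.compile(
    r"reject: RCPT from \S*\[(?P<ip>[^\]]+)\]: 550 .*?"
    r"Recipient address rejected: User unknown.*? to=<(?P<rcpt>[^>]*)>")

def delay_for_failure(n, first=20, step=10):
    """Seconds to wait before rejecting the n-th unknown recipient (n >= 1)."""
    return first + step * (n - 1)  # step=10 is an assumed continuation

def unknown_recipients_by_client(log_text):
    """Map client IP -> list of unknown recipient addresses it tried."""
    probes = defaultdict(list)
    for line in log_text.splitlines():
        m = REJECT_RE.search(line)
        if m:
            probes[m.group("ip")].append(m.group("rcpt").lower())
    return dict(probes)

def suspected_dictionary_attacks(log_text, threshold=3):
    """Clients that probed at least `threshold` distinct unknown addresses."""
    report = {}
    for ip, rcpts in unknown_recipients_by_client(log_text).items():
        if len(set(rcpts)) >= threshold:
            report[ip] = {
                "failures": len(rcpts),
                "distinct": sorted(set(rcpts)),
                "total_delay": sum(delay_for_failure(i + 1) for i in range(len(rcpts))),
            }
    return report

if __name__ == "__main__":
    for ip, info in suspected_dictionary_attacks(SAMPLE_LOG).items():
        print(ip, info["failures"], "failures,", info["total_delay"], "s of delay")
```

A single mistyped address from a legitimate sender stays below the threshold, which is why the check counts distinct unknown recipients per client rather than flagging every rejection.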