>> Jacques Beigbeder wrote: >> >Hello, >> > >> >Last week, I installed milter-greylist for some email addresses. >> >Last night, the file /var/milter-greylist/greylist.db displays: >> ... >> >So there are 2 denies of service: >> >. large amount of SMTP connections in a short time (= fork with sendmail); >> >. large amount of data collected in the greylist database. >> >> I've seen that too. I've ended up with >> >> dnl Max connexions par secondes >> define(confCONNECTION_RATE_THROTTLE,`10') >> >> in my sendmail.mc to limit the impact of such attacks/spam farms behaviour. May be but... If I look at my setting, I estimate there are 100 more SMTP connections per user per day due to greylisting. For a site with 5000 users (my case), this means that 200.000 SMTP connections per day will become 700.000... My mail server will have 10 connections per second all along the day, and also 10 records written in database every second. (any SMTP connection ends in database, as new or as refreshed). The database will be many (100?) Mb... -- Jacques Beigbeder | Jacques.Beigbeder@... Service de Prestations Informatiques | http://www.spi.ens.fr Ecole normale supérieure | 45 rue d'Ulm |Tel : (+33 1)1 44 32 37 96 F75230 Paris cedex 05 |Fax : (+33 1)1 44 32 20 75
Message
Re: [milter-greylist] is this a DoS?
2004-05-26 by Jacques Beigbeder