Hi, ...on Tue, Mar 09, 1999 at 04:16:13PM -0600, Scott Fendley wrote: > Couldn't you just compile sendmail with tcp_wrapper support, and have a > script parsing your logs so that if someone manages to get n # of pokes at > your system then their Ip address and/or DNS server will be placed in the > hosts.deny. Perhaps Spamshield could be enhanced to solve this problem. http://www.abest.com/~kai/spamshield.html Even if the detection is adapted, it would probably only work after the first attack though, as it seems sendmail doesn't log the attacking hosts name before the connection is closed when no data is sent. Alex.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:38:50 PDT