Re: Spam, fail2ban and centos

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

On Wed, May 9, 2012 at 11:07 AM, Bob Hoffman <bob@xxxxxxxxxxxxxx> wrote:
> I am starting to see a real pattern to all this.
> I would love to see someone do a case study on spam attacks. Their
> system seems well honed to scale up with your defenses until they
> finally have to 'appear' on their real computers like the
> servers, and many more hosts,

I think you are over-analyzing.  The senders are distributed and shift
around whether you do anything defensive or not, and if you have ever
accepted an address, even years ago with a system like qmail that
accepted without checking anything, then tried to bounce bad
addresses, those addresses will be on some lists that are re-tried
forever no matter how many times you reject them now.   I haven't
watched this for a while but I used to be surprised that even though
the senders were spread over hundreds of IPs, the overall rate seemed
to be centrally controlled and in what would look like a dictionary
attack the list seemed to be sorted, at least in big chunks, across
the senders.

   Les Mikesell
CentOS mailing list

[CentOS]     [CentOS Announce]     [CentOS Docs]     [CentOS Virtualization]     [Linux Media]     [Asterisk]     [Photo]     [DCCP]     [Netdev]     [Xorg]     [Xfree86]     [Linux USB]     [Project Hail Cloud Computing]

Powered by Linux Add to Google