Dictionary Attacks - Need Advice

Been running Maia for about 45 days now and it has been
great. We have 2
servers sharing a single database and each server was set to
the default
smtp processes but I was finding that some customers would
have their mail
delayed for hours at times (very sporadic). I determined
that the delay
was a result of the number of smtp maxprocesses (default is
100). I have
doubled the maxproc and even set it to unlimited but the
underlying
problem here is the amount of rejected messages due to
dictionary attacks.
I installed mailgraph on each server and found that at times
the number of
rejected messages on each server gets close to 1000 per
minute. All of
these are the result dictionary attacks and I do not see how
adding an
additional Maia server would help since it only provides the
spammers with
another resource for their attack on our servers. 

I would like to know if anyone else has encountered this
problem and what
they might have done to resolve it or at least slow the
spammers down. We
handle email for many domains and some of the final MTA's
are not under
our control.

Any suggestions would be greatly appreciated!

Thanks,
Dave 


_______________________________________________
Maia-users mailing list
Maia-usersrenaissoft.com
http://www.renaissoft.com/mailman/listinfo/maia-users

Dave,

http://www.postfix.com/ADDRESS_VERIFICATION_README.html

Assuming your Maia server is one-hop away from your mail
server, this is a
great solution.  Just make sure you set the following once
you are
comfortable that this is working for you:

unverified_recipient_reject_code = 550

If you don't, the problem won't get any better since the
sending mail
servers will retry and consume all your smtpd processes. 
Mine dropped
from being maxed out at 200 to an average of about 10-12
concurrent smtpd
processes after implementing this feature.  I also use
address_verify_map
to cache the results, and my cache file is around 100MB on
average, so not
a huge disk space commitment for such a useful feature.

Ryan

> Been running Maia for about 45 days now and it has been
great. We have 2
> servers sharing a single database and each server was
set to the default
> smtp processes but I was finding that some customers
would have their mail
> delayed for hours at times (very sporadic). I
determined that the delay
> was a result of the number of smtp maxprocesses
(default is 100). I have
> doubled the maxproc and even set it to unlimited but
the underlying
> problem here is the amount of rejected messages due to
dictionary attacks.
> I installed mailgraph on each server and found that at
times the number of
> rejected messages on each server gets close to 1000 per
minute. All of
> these are the result dictionary attacks and I do not
see how adding an
> additional Maia server would help since it only
provides the spammers with
> another resource for their attack on our servers.
>
> I would like to know if anyone else has encountered
this problem and what
> they might have done to resolve it or at least slow the
spammers down. We
> handle email for many domains and some of the final
MTA's are not under
> our control.
>
> Any suggestions would be greatly appreciated!
>
> Thanks,
> Dave
>
>
> _______________________________________________
> Maia-users mailing list
> Maia-usersrenaissoft.com
> http://www.renaissoft.com/mailman/listinfo/maia-users
>


_______________________________________________
Maia-users mailing list
Maia-usersrenaissoft.com
http://www.renaissoft.com/mailman/listinfo/maia-users