Mailing List Archive



Re: [tlug] gstewart@example.com mail not working



On Mon, Mar 15, 2010 at 08:02:54AM +0100, Attila Kinali wrote:
> 
> On Sun, 14 Mar 2010 22:53:25 -0000 (GMT)
> "Godwin Stewart" <gstewart@example.com> wrote:
> 
> > That's what I used to do until my server was getting hammered by dozens of
> > SMTP sessions per second [...]
> 
> IMHO the right solution would be to rate limit all incoming connections.
> Linux provides nice ways that you can limit the number of new connections
> per second.
> 
> Also, you should not drop the incoming packets completely but instead
> send an ICMP port not reachable (aka use -j REJECT), this way it'll be
> clear to the sysadmin, that the host itself is up, but something else
> is going on.

Rejecting instead of dropping is nicer for debugging things.  Also
reminds me of the generic 'I regard ICMP as being evil and drop it'
idea of some people.

The idea of dropping is to make it harder for the other party to
diagnose the situation and to spend more resources on you.  There is
another nice approach worth mentioning: Tarpit, in German Teergrube.
Here once the server made the decision the connection is not desired
it's not cancelling the connection but just keeping it open.
If you get many connections from different IPs this will tend to waste
your resources but against spammers just trying to get rid of mails
it could be useful.


Christian
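
An added example, not part of the thread: one way to write the per-second limit on new SMTP connections discussed above, with the over-limit action switchable between REJECT and DROP. The chain name `SMTP_IN`, the function name `smtp_guard`, the default rate and burst, and the choice of a per-source (hashlimit) limit rather than a global one are assumptions.

```shell
#!/bin/sh
# Added example (constructed). Dry run by default: the iptables commands are
# only printed. Run with IPT=iptables as root to apply them.
IPT=${IPT:-echo iptables}

# smtp_guard ACTION [PORT] [RATE] [BURST]
#   ACTION is what happens to connection attempts above the limit:
#   reject -> sender gets ICMP port unreachable straight away
#   drop   -> sender gets nothing and retries until its own timeout
smtp_guard() {
    action=$1 port=${2:-25} rate=${3:-5/second} burst=${4:-10}
    case $action in
        reject) over="-j REJECT --reject-with icmp-port-unreachable" ;;
        drop)   over="-j DROP" ;;
        *) echo "usage: smtp_guard reject|drop [port] [rate] [burst]" >&2
           return 2 ;;
    esac
    # Refuse to run twice: -N fails if the chain already exists.
    $IPT -N SMTP_IN || return 1
    # Only SYN packets (new connection attempts) are counted; packets of
    # sessions that were already accepted never enter this chain.
    $IPT -A INPUT -p tcp --dport "$port" --syn -j SMTP_IN
    # Token bucket per source address: up to $rate attempts, $burst in a burst.
    $IPT -A SMTP_IN -m hashlimit --hashlimit-name smtp_new --hashlimit-mode srcip \
        --hashlimit-upto "$rate" --hashlimit-burst "$burst" -j ACCEPT
    # Anything above the rate gets the chosen treatment.
    $IPT -A SMTP_IN $over
}

smtp_guard "${1:-reject}"
```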

