[SAC] Mailman Postfix tuning - Urgent!!

Markus Neteler neteler at osgeo.org
Tue Apr 22 13:32:44 PDT 2014


On Sun, Apr 20, 2014 at 9:56 PM, Markus Neteler <neteler at osgeo.org> wrote:
> On Sun, Apr 20, 2014 at 8:34 PM, Alex Mandel <tech_dev at wildintellect.com> wrote:
>> So Apache on Mail is still off.

Apache is running for more than 24h and seems to behave ok.

...
> I have implemented a fail2ban regex to turn down these
> subscription attempts.

[alias hotmail spam]

Yesterday I added two more regex into
/etc/fail2ban/filter.d/apache-mailman-bot.conf
It seems to catch 'em nicely:

mail:/root # grep apache-mailman-bot /var/log/fail2ban.log  | grep Ban | wc -l
391

BTW: I put a no-mercy setting, the attacking IP is temporarily blocked
at the first attempt to abuse mailman for spamming.

cheers,
Markus


More information about the Sac mailing list