[Greylist-users] Dictionary Attack
Brent Meshier
brent at carbonblock.net
Fri Jul 23 07:36:58 PDT 2004
A couple days ago we started to notice that local mail delivery was slowing
down. It now takes more than 24 hours to receive mail. After some digging
we found that a spam zombie network comprised of well over 200 IPs mounted a
dictionary attack against 3 of our domains. qmail would bounce the message
back to a non existent sender creating even more mail. At one point the
queue reached over 12,000 messages waiting to be delivered. Oddly enough,
we can't get the queue to go back down, in fact, it's rising causing even
more delays. Below is a graph:
http://gd2.com/cacti/graph.php?local_graph_id=12&rra_id=all&type=tree
This is a quad xeon, I would think it would process quicker than this. I've
also noticed the load sit around 6, which I think is caused by courier-imap.
Any way to make it process all those messages faster?
More information about the Greylist-users
mailing list