Q. I have noticed that spammers continually try to make a connection (email flooding attack). How do I enforce a number of limits on incoming mail so that I can protect hosted email domains?
A. Postfix (smtpd daemon) can enforce a number of limits on incoming email. This will stop email flooding attacks.
A bot connects to your Postfix email server and sends garbage commands or spam, attempting to crash your server. You can limit:
=> The length of lines in a message and so on
=> The size of messages
=> The number of recipients for a single delivery
Try following directives in your postfix main.cf config file:
smtpd_error_sleep_time - The SMTP server response delay after a client has made more than $smtpd_soft_error_limit errors, and fewer than smtpd_hard_error_limit errors, without delivering mail.
smtpd_soft_error_limit : The number of errors a remote SMTP client is allowed to make without delivering mail before the Postfix SMTP server slows down all its responses.
smtpd_hard_error_limit : The maximal number of errors a remote SMTP client is allowed to make without delivering mail. The Postfix SMTP server disconnects when the limit is exceeded.
Open config file
# vi main.cf
Append following directives:
smtpd_error_sleep_time = 1s
smtpd_soft_error_limit = 10
smtpd_hard_error_limit = 20
Save and restart/reload postfix configuration
# /etc/init.d/postfix restart
Postfix waits one second before each error such as HELO command not provided or FQDN hostname does not exists etc After 10 such errors postfix will start to increase delay. If error limits touches 20 Postfix will disconnect client.
You can see this in action from /var/log/maillog file:
Dec 15 16:50:59 server postfix/anvil: statistics: max connection rate 1/60s for (smtp:220.127.116.11) at Dec 15 16:47:29 Dec 15 16:50:59 server postfix/anvil: statistics: max connection count 1 for (smtp:18.104.22.168) at Dec 15 16:47:29 Dec 15 16:50:59 server postfix/anvil: statistics: max cache size 2 at Dec 15 16:47:38
- 30 Handy Bash Shell Aliases For Linux / Unix / Mac OS X
- Top 30 Nmap Command Examples For Sys/Network Admins
- 25 PHP Security Best Practices For Sys Admins
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- Linux: 20 Iptables Examples For New SysAdmins
- Top 20 OpenSSH Server Best Security Practices
- Top 20 Nginx WebServer Best Security Practices
- 20 Examples: Make Sure Unix / Linux Configuration Files Are Free From Syntax Errors
- 15 Greatest Open Source Terminal Applications Of 2012
- My 10 UNIX Command Line Mistakes
- Top 10 Open Source Web-Based Project Management Software
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- The Novice Guide To Buying A Linux Laptop