• Spammers and IPTrack

    From GREG MARLER@1:124/5013 to All on Thu Jan 31 19:18:36 2019
    Date: Thu, 06 Dec 2007 10:19:49 -0400
    From: GREG MARLER
    To: ALL
    Subject: Spammers and IPTrack
    Newsgroups: win.server.smtp.&.avs
    Message-ID: <1196954389.46.0@winserver.com>
    X-Mailer: Wildcat! Interactive Net Server v7.0.454.5
    Lines: 18

    Is there an option to limit the number of connection from a single mail
    server to my wcsmtp server. I have found the option to limit the total
    number of connections but what happens is some spammer tries to connect multiple times until they are the only one to get a connection to the mail server and no one else can get through. Seems like some of them hold the connection open a long time as well thus preventing a legitimate email
    server from connecting.

    On a different note, what constitutes an ip getting placed in the iptrack folder. I currently have it set to not expire those ip numbers in hope to
    help alleviate some potential spammer connections to the server.

    Thanks in advance.

    Greg Marler
    myhometownweb.com
    formally ieo.com
    Winter Haven, FL
    --- Platinum Xpress/Win/WINServer v3.1
    * Origin: Prison Board BBS Mesquite Tx //telnet.RDFIG.NET www. (1:124/5013)
  • From HECTOR SANTOS@1:124/5013 to All on Thu Jan 31 19:18:36 2019
    Date: Wed, 19 Dec 2007 00:14:45 -0400
    From: HECTOR SANTOS
    To: GREG MARLER
    Subject: RE: Spammers and IPTrack
    Newsgroups: win.server.smtp.&.avs
    Message-ID: <1198041285.46.1196954389@winserver.com>
    References: <1196954389.46.0@winserver.com>
    X-WcMsg-Attr: Rcvd
    X-Mailer: Wildcat! Interactive Net Server v7.0.454.5
    Lines: 37

    GREG MARLER wrote:
    Is there an option to limit the number of connection from a single mail server to my wcsmtp server. I have found the option to limit the total
    number of connections but what happens is some spammer tries to connect multiple times until they are the only one to get a connection to the mail server and no one else can get through. Seems like some of them hold the connection open a long time as well thus preventing a legitimate email
    server from connecting.

    You can play with the max connections and loading options in the SMTP
    server setup.

    The thing is, by SMTP rules, you have to hold them for atleast 5 mins,
    can't kick them out if they are already waiting. But if the queue is full, WCSMTP will gracefully deny new entries.

    Depending on whats going on, I often found to just let it go and it will
    take care of the issues. It will stabilize. Attacks are normally short and
    go away and its only a problem when or if you are paying attention or
    expecting something at the moment. But all good systems are design to try again, so in general the mail will get delivery. I'm often surprise on
    well how wcSMTP works when I see the logs and there was a day or so when it
    was under attack. Didn't notice a thing. They are not getting in so they eventually go away.

    If you have a unique issue that Wildcat! can't handle or not handling, you might want to show exactly what is going on to see what can be done.

    On a different note, what constitutes an ip getting placed in the iptrack folder. I currently have it set to not expire those ip numbers in hope to help alleviate some potential spammer connections to the server.

    Currently, the only "trigger" is a login failure based on the MAX login attempts under your system settings.

    --
    HLS
    --- Platinum Xpress/Win/WINServer v3.1
    * Origin: Prison Board BBS Mesquite Tx //telnet.RDFIG.NET www. (1:124/5013)