Hints on rate limiting
Dave Horsfall
dave at horsfall.org
Tue Mar 17 17:33:23 UTC 2015
FreeBSD 9.3-RELEASE-p5 (GENERIC) #0: Mon Nov 3 22:02:57 UTC 2014
fxp0: <Intel 82801DB (ICH4) Pro/100 VM Ethernet> (on board)

I'm having trouble with getting rate limiting to work i.e. so many
connections from the same source in so many seconds (what we in the
anti-spam community call "woodpeckers").

Does it actually work on FreeBSD 9? I know that PF doesn't work at all on
FreeBSD 8 (at least, with the NIC above), and if it does indeed work then
what would be a good starting point?

Note that a complicating factor is that I have configured a "greet pause"
of 10 seconds i.e. after the connection I wait for that long before
issuing the SMTP greeting (and woe betide you if you don't wait in turn).

And before anyone asks me why aren't I running 10.x, I will as soon as my
new server arrives; the current box is going to fail soon (the
electrolytic capacitors are starting to bulge) so it's not worth the
hassle. And anyway, I've screwed up the ports area Yet Again from a
failure to read simple instructions :-(

--
Dave Horsfall DTM (VK2KFU) "Bliss is a MacBook with a FreeBSD server."
http://www.horsfall.org/spam.html (and check the home page whilst you're there)