处理 SMTP 无效命令攻击

Question 1

在这些连接开始产生错误后，至少有一个选项可以对其进行延迟处理。有效且行为良好的客户端不应该落入这种延迟处理。

dnl # New option in v8.14.0
dnl # Override default limit (of 20) NOOPs (invalid or unsupported SMTP
dnl #   commands) before daemon will throttle connection by slowing
dnl #   error message replies (similar to "confBAD_RCPT_THROTTLE")
define(`MaxNOOPCommands', `5')dnl

您还可以使用 GreetPause 功能，该功能将拒绝这些客户端，因为它们不太可能遵守暂停。您可以在此处阅读更多相关信息：http://www.deer-run.com/~hal/sysadmin/greet_pause.html

dnl # New feature in v8.13.1 (not listed in Companion)
dnl # Set time in milliseconds before sendmail will present its banner
dnl #   to a remote host (spammers won't wait and will already be
dnl #   transmitting before pause expires, and sendmail will
dnl #   refuse based on pre-greeting traffic) 5000=5 seconds
dnl # NOTE: Requires use of FEATURE(`access_db') and "GreetPause" entries
dnl #       in access table
FEATURE(`greet_pause',`5000')dnl

Answer

在这些连接开始产生错误后，至少有一个选项可以对其进行延迟处理。有效且行为良好的客户端不应该落入这种延迟处理。

dnl # New option in v8.14.0
dnl # Override default limit (of 20) NOOPs (invalid or unsupported SMTP
dnl #   commands) before daemon will throttle connection by slowing
dnl #   error message replies (similar to "confBAD_RCPT_THROTTLE")
define(`MaxNOOPCommands', `5')dnl

您还可以使用 GreetPause 功能，该功能将拒绝这些客户端，因为它们不太可能遵守暂停。您可以在此处阅读更多相关信息：http://www.deer-run.com/~hal/sysadmin/greet_pause.html

dnl # New feature in v8.13.1 (not listed in Companion)
dnl # Set time in milliseconds before sendmail will present its banner
dnl #   to a remote host (spammers won't wait and will already be
dnl #   transmitting before pause expires, and sendmail will
dnl #   refuse based on pre-greeting traffic) 5000=5 seconds
dnl # NOTE: Requires use of FEATURE(`access_db') and "GreetPause" entries
dnl #       in access table
FEATURE(`greet_pause',`5000')dnl

Question 2

我会安装失败2ban并在第一个无效命令时阻止。

Answer

我会安装失败2ban并在第一个无效命令时阻止。

处理 SMTP 无效命令攻击

答案1

答案2

相关内容