From owner-freebsd-questions Mon Sep 25 8:17:41 2000 Delivered-To: freebsd-questions@freebsd.org Received: from mail.psknet.com (NS1.PSKNET.COM [63.171.251.2]) by hub.freebsd.org (Postfix) with SMTP id B036B37B43C for ; Mon, 25 Sep 2000 08:17:32 -0700 (PDT) Received: (qmail 92627 invoked from network); 25 Sep 2000 15:19:44 -0000 Received: from arcadia.psknet.com (HELO arcadia) (63.171.251.13) by mail.psknet.com with SMTP; 25 Sep 2000 15:19:44 -0000 From: "Troy Settle" To: "Len Conrad" , Subject: RE: question Date: Mon, 25 Sep 2000 11:18:16 -0400 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) X-Mimeole: Produced By Microsoft MimeOLE V5.50.4133.2400 Importance: Normal In-Reply-To: <5.0.0.25.0.20000925165301.08232d40@mail.Go2France.com> X-AntiVirus: scanned for viruses by AMaViS 0.2.1-pre3 (http://amavis.org/) Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Slow down Len. Your postfix stuff is a great addon for Imail (hell, with Cyrus or vpopmail on the back end, and a decent web client, it'd be a great replacement). But, in this case, the problem is with a web server. A 401 is a bad request for HTTP protocol. -- Troy Settle Pulaski Networks 540.994.4254 It's always a long day, 86400 doesn't fit into a short > -----Original Message----- > From: owner-freebsd-questions@FreeBSD.ORG > [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Len Conrad > Sent: Monday, September 25, 2000 10:58 AM > To: freebsd-questions@freebsd.org > Subject: Re: question > > > > >I have searched extensively for info on this subject and > >have found nothing. I admin a server > > server of what? > > >which gets allot of bad requests > > request for what? > > >I asked a real Unix guru about the problem and he recommended > >using tar pitting. The idea is that every time a bad request > >is generated by an I.P. the time the server takes to respond is > >increased. > >Example: > >Bad request #1. server answers with 401 error in 1 second > >Bad request #1. server answers with 401 error in 2 seconds > >Bad request #1. server answers with 401 error in 4 seconds > > > >This sounds like the perfect answer to many problems with > >a variety of server attacks. The problem is I can only find > >info on the subject relating to spam mail and sendmail. > > www.postfix.org, configuration, UCE, tarpitting is supported, and you > might also look at other UCE defenses, plus perhaps set up a > relay-onlyh mail hub to front-end short-circuit this crap before it > gets to your mailbox server. > > IMGate in my sig is a FreeBSD/postfix gateway playing just this for > Imail, but the approach is not tied any brand of mail server. > > Len > > > http://BIND8NT.MEIway.com: ISC BIND 8.2.2 p5 installable binary for NT4 > http://IMGate.MEIway.com: Build free, hi-perf, anti-spam mail gateways > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message