On 04/08/2013 12:30, Thomas Pedoussaut wrote:
Ca semble le boulot parfait pour fail2ban.
- Analyse de logs en temps reel,
- fenetre de tir autorisée (genre 5 mails en 5 minutes)
- ensuite blocage (niveau IP ou niveau compte)
- retour en mode autorisé
Il faut un petit peu de boulot pour ecrire les scripts, mais perso je poartirait sur ce genre de solution.
postfwd ?
Description-en: Postfix policyd to combine complex restrictions in a ruleset Postfwd is written in perl to combine complex postfix restrictions in a ruleset similar to those of the most firewalls. The program uses the postfix policy delegation protocol to control access to the mail system before a message has been accepted. It allows you to choose an action (e.g. reject, dunno) for a combination of several smtp parameters (like sender and recipient address, size or the client's TLS fingerprint).