The Community Forums

Interact with an entire community of cPanel & WHM users.
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Dictionary attack and remote mailserver problem

Discussion in 'E-mail Discussions' started by the_techs, May 24, 2005.

  1. the_techs

    the_techs Member

    Joined:
    Feb 5, 2004
    Messages:
    23
    Likes Received:
    0
    Trophy Points:
    1
    Hi, I have set up a second mailserver to route auto-generated email to help take the load of the primary mailserver - the scripted emails go through this one rather than the primary.

    It is also set up to work as a backup mailserver in case the primary goes down by storing the mail until the first server bcomes available again.

    I'm getting a lot of dictionary attacks on primary and secondary servers - the ACL from Chirpy fixed that on primary, but when bonafide mail is coming from the secondary server (cron jobs etc) it's blocked due to people sending dictionary attack mail through the secondary server (which forwards to the primary) and being caught by the ACL - so it's IP is denied.

    Not sure what to do - is there a way to totally lockdown access to the secondary while still retaining any useful functionality? (IE being able to send mail using it and working as a backup)

    Surely no-one should be accessing the secondary anyway, the primary is up and running
     
  2. the_techs

    the_techs Member

    Joined:
    Feb 5, 2004
    Messages:
    23
    Likes Received:
    0
    Trophy Points:
    1
    Sort of a bump and another question:

    I'm wondering why this backup mailserver should be getting so much dictionary mail, after all it's not the primary.

    Is there a way to make it only allow mail to be sent (not recieve anything and therefore not forward it to the primary) and only send mail that comes from a couple of IPs?

    My thinking is that my third mailserver (Zoneedit MX backup) will kick in if the primary goes down but I can still use the secondary to take the load when I'm sending script generated mails and our newsletter. So spammers wont be able to target the server at all
     
Loading...

Share This Page