[BlueOnyx:21938] SMTP freezes with AVSPAM
Jeff Folk
jfolk at qzoneinc.com
Wed Apr 11 13:25:24 -05 2018
Hi Michael, and list,
I have a particular 5208R with AV-SPAM 6.3.0-1. We have been experiencing login attacks from China (nothing new there) that eventually render our SMTP server inoperative.
I get an email from Active Monitor telling me the SMTP server is down, and could not be restarted. Have have to ssh into the box, issue a "/usr/sausalito/sbin/avspam_init.pl -restart” command, then everything is right with the world… Until the next attack.
My question/suggestion: Isn’t there, or could there be, an addition to the SMTP swatch routine that tries a AV-SPAM init in the process of trying to get the SMTP server running again?
Clearing the AV-SPAM database helps for a couple days, at the expense of losing all the learned rules… Not liking that.
Any suggestions?
Regards,
Jeff Folk
More information about the Blueonyx
mailing list