[BlueOnyx:21941] Re: SMTP freezes with AVSPAM

[Michael Stauber]

Hi Jeff,

> Seems counter-intuitive to me that these ssh attacks would kill SMTP.

At the end of the day any brute force login attempt (regardless against
which service) taxes the PAM login mechanism, which might eventually go
titsup.com or start to choke. Which then affects other services as well.

We can install extra gatekeepers within these services such as
Milter-GeoIP that do some "face and ID checks" at the door, but that
also creates some strain elsewhere.

That's why I prefer to have APF (or a firewall in general) in front
which makes sure that visitors from "bad countries" are turned around at
the fence and before they get to the front door.

But it's not always the best option and depends on what collateral
damage resulting out of these indiscriminate checks is acceptable.

-- 
With best regards

Michael Stauber