[Esd-l] badtrans ad infinitum
feldt at nhn.ou.edu
Wed Nov 28 18:43:01 PST 2001
Chris Parigger wrote (in part):
> I/we have been flodded with Sircam back in July, whereby
> "overfloweth" resulted in my/our quarantine. Therefore,
> the milder solution would perhaps be to blackhole (or bit-bucket
> into /dev/null) active email received at a
> set rate from certain sites (rather than blocking the whole site).
I have found only occasional specific usernames which flood my
quarantine file. So I use a simple recipe to throw away all
mail from them for a short time (usually a day or two) while
I monitor the procmail log file to see if the flood has stopped.
The recipe is:
# special to zap the user at some.domain output for a while...
* ^From.*user at some.domain
and is placed in my local-rules.procmail file before any other rules.
This has the disadvantage that the particular remote user
cannot contact me during the blockade. However, as long as
I watch the procmail log file carefully and remove this in
a timely fashion, it is quite effective.
Senior System Support Programmer
Adjunct Assistant Professor
Department of Physics and Astronomy
The University of Oklahoma
More information about the esd-l