Suggestions Blocking Spammers when SMTP is Load Balanced

Discussions on webmail and the Professional version.
Post Reply
pdan2993
Posts: 8
Joined: Fri Apr 07, 2006 11:19 am

Suggestions Blocking Spammers when SMTP is Load Balanced

Post by pdan2993 » Mon Dec 16, 2019 4:10 pm

We have our relay set to require authentication. Unfortunately spammers are still trying to connect and send email through our servers. The system logs a huge number a failed authentication attempts in the SMTP Activity logs. They are just trying to relay with random email accounts on our domain.

I know we can block IP's, but because we are using a load balancer, all the IP's that come in are the same, based on what the load balancer is connecting with.

What's the recommended method here for stopping spammers from even attempting to relay or do we just have to live with it?

Admin
Site Admin
Posts: 825
Joined: Mon Jun 10, 2002 6:31 pm
Location: Melbourne, Victoria, Australia

Re: Suggestions Blocking Spammers when SMTP is Load Balanced

Post by Admin » Sun Dec 22, 2019 3:57 am

Since the sending IP address is the same, there isn't really an easy way you can prevent the authentication attempt, since there is not much information know about the connection before the auth attempt. What you could do is prevent any authentication on port 25. So only allow authentication attempts on an alternate port. Normally you won't see much of this from spammers.

Post Reply