Diambil dari http://forum.mikrotik.com/viewtopic.php?t=11474
Hi, i created these 2 simple rules for firewall forward and this work very fine…… do not say it to anybody ;) :D
2 ;;; BLOCK SPAMMERS OR INFECTED USERS
chain=forward protocol=tcp dst-port=25 \
src-address-list=spammer action=drop
3 ;;; Detect and add-list SMTP virus or spammers
chain=forward protocol=tcp dst-port=25 connection-limit=30,32 \
limit=50,5 src-address-list=!spammer action=add-src-to-address-list \
address-list=spammer address-list-timeout=1d
When detect an infected user with a worm or doing spamming this rule add this user to a spammer list and block the SMTP outgoing for 1 day ;)
Regards!
Alessio
Tags: drop, firewall, forward, infected, limit, mikrotik, port, simple, smtp, spam, tcp, time, user, virus
Filed in Mikrotik | admin | January 11, 2008 11:23 pm | 
Comments (1)
Diambil dari http://forum.mikrotik.com/viewtopic.php?t=15721
Hi there, for months I have the idea how to transform one Mikrotik OS in an Anti Spam server. After more than 20 days applying few scripts, firewall rules and address list, I have achieved reduce from 45.000 mails per day to only 11.000/12.000 without many complaints from my customers.
Before continuing, some details about this:
Yes, I know that exists others solutions.
Yes, I know with Linux can obtain the same results.
Yes, I know that it seems a crazy solution.
Yes, I know (in the practice) that this solutions generate a moderate cpu usage. I have a Pentium IV with 75% of cpu usage (this can change with new features from MT… see scripts explanation) and we are a little ISP.
Yes, yes, yes…
but
I use MT from six years ago (when John Tully & Arnis Riekstins answered the company mails themselves) and always I try to resolve any networking necessity whit MT.
I had the trust that can resolve this whit MT.
and after thinking about this, I can’t never sleep all night from many days, so, for my health and wife I made it !!!
Read more »
Tags: ACCEPT, antispam, check, dnsbl, firewall, HIT, host, icmp, icon, lease, linux, live, mail, mangle, mikrotik, network, nth, php, port, postfix, smtp, spam, ssh, tcp, time, TTL, tx, vi, xp
Filed in Mikrotik | admin | 11:15 pm | Comments (1)
dari milist tanya jawab
# lsof -i -n -P
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
ntpd 1748 ntp 4u IPv4 2487 UDP *:123
ntpd 1748 ntp 5u IPv6 2488 UDP *:123
ntpd 1748 ntp 6u IPv4 2489 UDP 127.0.0.1:123
ntpd 1748 ntp 7u IPv4 2490 UDP 202.156.81.23:123
ntpd 1748 ntp 8u IPv4 2491 UDP 202.156.81.68:123
sshd 1797 root 3u IPv6 2669 TCP *:22 (LISTEN)
oidentd 2025 nobody 5u IPv6 3399 TCP *:113 (LISTEN)
(migrasi dari geocities.com/adilinux)
Another useful squid feature is delay pools. Conceptually, delay pools are bandwidth limitations – “pools” of bandwidth that drain out as people browse the Web, and fill up at a rate you specify – this can be thought of as a leaky bucket that is continually being filled.
This is useful when bandwidth charges are expensive like in indonesia.
Delay pools provide a way to limit the bandwidth of certain requests based on any list of criteria. The idea came from a Western Australian university who wanted to restrict student traffic costs (without affecting staff traffic, and still getting cache and local peering hits at full speed).
To enable this, configure squid with the –enable-delay-pools option. There are 3 classes of delay pools – class 1 is a single aggregate bucket, class 2 is an aggregate bucket with an individual bucket for each host in the class C, and class 3 is an aggregate bucket, with a network bucket (for each class B) and an individual bucket for each host. Read more »
Tags: distro, google, HIT, host, limit, linux, mail, microsoft, network, php, pool, port, proxy, rpm, squid, tcp, time, user, vi, videodownload, xp, youtube
Filed in adilinux, proxy | admin | February 21, 2004 6:19 pm | Comments (16)
