Lance> Seems like denyhosts or fail2ban could be bent to this task. Brian> We're actually using fail2ban already to block after 2 bad Brian> username attempts for 30 min, but the flood is still too big/fast. Fail2ban is news to me. Here's a nice example where someone used fail2ban with postfix to block spammers. http://www.uno-code.com/?q=node/94 Alan .