I have one domain that is constantly being bombarded by attempts to
harvest/brute force guess valid addresses.

The use of trapaddresses has changed since I last set this up. I had
downloaded a script called invalid2penalty.pl, that used to scan the log
files for invalid addresses, and based on X number of occurrences,
append addresses to trapaddreses.txt. I would score heavily against
these IPs, and soon seen many of them in the extreme penalty range. That
script doesn't work anymore, completely erasing the contents of
trapaddresses.txt

I'm looking, but can't figure out if within ASSP there's a way to set
this up. After X number of attempts during X number of days, the invalid
address should be added to trapaddresses, so I can use any further
attempts to build up the score against the offending IPs, and eventually
see them moved into the extreme penalty, where smtp is denied.

The last time I did this, it took about a week, and I started to see
many more connections denied by penalty, than attempts to send to
invalid addresses.



------------------------------------------------------------------------------
Download Intel® Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
_______________________________________________
Assp-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/assp-user

Reply via email to