I have one domain that is constantly being bombarded by attempts to harvest/brute force guess valid addresses.
The use of trapaddresses has changed since I last set this up. I had downloaded a script called invalid2penalty.pl, that used to scan the log files for invalid addresses, and based on X number of occurrences, append addresses to trapaddreses.txt. I would score heavily against these IPs, and soon seen many of them in the extreme penalty range. That script doesn't work anymore, completely erasing the contents of trapaddresses.txt I'm looking, but can't figure out if within ASSP there's a way to set this up. After X number of attempts during X number of days, the invalid address should be added to trapaddresses, so I can use any further attempts to build up the score against the offending IPs, and eventually see them moved into the extreme penalty, where smtp is denied. The last time I did this, it took about a week, and I started to see many more connections denied by penalty, than attempts to send to invalid addresses. ------------------------------------------------------------------------------ Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev _______________________________________________ Assp-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-user
