On 27/06/05, Marilyn Davis <[EMAIL PROTECTED]> wrote: > On Mon, 27 Jun 2005, Mark Smith wrote: > > > > > > I just added this and I tested it from a yahoo account by > > > sending to 4 addresses on my domain, 3 of which are bogus. > > > > > > Yahoo makes 4 connections: > > > > > > 10800 Listening... > > > 10800 Connection request from 68.142.206.160 port 43138 10800 > > > 1 SMTP accept process running 10800 Listening... > > > 10800 Connection request from 68.142.206.160 port 43139 10800 > > > 2 SMTP accept processes running 10800 Listening... > > > 10800 Connection request from 68.142.206.160 port 43140 10800 > > > 3 SMTP accept processes running 10800 Listening... > > > 10800 Connection request from 68.142.206.160 port 43141 10800 > > > 4 SMTP accept processes running 10800 Listening... > > > > > > So, that's disappointing. The spammer has to cooperate? > > > > > > Marilyn Davis > > > > > The only way to deal with that is to set smtp_accept_max_per_host = 1. > > Thank you. But it doesn't seem to fix anything, it just takes longer > because the other connections are delayed. But the result is the > same. $rcpt_count never gets above 1. > > Now, why would yahoo only send one RCPT per connection when 4 > addresses to the same domain are on the same message? What is the > benefit of doing that -- aside from facilitating spam from their > addresses?
I'm not sure how it 'facilitates spam' - it's very common, in fact. Any site running qmail will do this by default, it deals with a message per recipient and opens a new SMTP connection for each - which can DoS a receiving server if it's not kept under control. My next enhancement is to count invalid recipients across connections from a single IP, and DNSBL the connecting IP once it reaches a threshold. Peter -- Peter Bowyer Email: [EMAIL PROTECTED] Tel: +44 1296 768003 VoIP: sip:[EMAIL PROTECTED] -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
