Marc Perkel wrote: > After a few bad email addresses I return defer on that IP for the > remainder of the 5 minute period. That tends to stop/minimize > dictionary collateral damage. It would be nice if Exim had something > better built in specifically to deal with dictionary attacks.
Hmm, maybe an additional ratelimit option would do the trick. > There should be some sort of limit so that if you need to do a lot of > verification callouts for a specific domain in a short period of > time that you could rate limit it. Ah, yes. :o) Limiting on the destination domain of the callout could be quite tricky, though. Maybe it would be better (because much easier) just to ratelimit within a SMTP session if callouts (or verifications in general) fail. lg, daniel -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
