Re: [Mimedefang] Need advise on how to proceed.

[Ben Kamen]

If you're using sendmail and it's the main mail server (not a gateway for 
exchange), sendmail sends out a log message warning of a RCPT TO: flood (typical 
of people trying to send to too many recipt's at once.)

I have a script that watches the log file and instantly (it runs all the time 
and is EVENT driven) blackholes the IP for as long as you like... you can either 
expire the entries (like I do after a week) or build a rich database for your 
own DNSBL... :)

Let me know if you'd like the script (it's in TCL - so it's easy to read/change) 
and I'll send it to you...

 -Ben


_______________________________________________
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang