On Mon, 2004-07-05 at 09:50, David F. Skoll wrote: > > Recently spammers verified their mailing list using this SMTP dialogue. > > This is an old technique called a "dictionary attack" or "directory > harvesting". > > Sendmail 8.13 has countermeasures, like closing a connection after N bad > SMTP commands.
I think spammers have adapted by sending only a few addresses at a time, perhaps from virus-owned zombie relays. I still have one box running qmail with port 25 open directly to the internet although it's MX is through a sendmail/mimedefang relay. It gets thousands of bad-address spams a day hitting its open port directly but in patterns of 6 or so from any one sender at a time. The domain is due to be moved elsewhere soon so I haven't done anything to try to fix the problem yet. --- Les Mikesell [EMAIL PROTECTED] _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
