On Thu, 29 Dec 2005 19:02:20 +0200 "Stefan Schoeman" <[EMAIL PROTECTED]> wrote:
> Hi All, > > I've found that greylisting takes care of these mining attempts > anyway. Sure, my greylist database is filled with rubbish, but at > least it will be cleared in 5 hours' time and the mining attempt > would not have got a single username right, unless it was re-run 30 > minutes later. With the distributed nature of these mining attempts, > that is rather unlikely. My experiences as well Stefan. Since I enabled greylisting with DCC, all of the dictionary attacks are embargoed and never to be heard from again. While I was researching this, a gentleman was kind enough to alert me to his sendmail patch to add BadRcptKill processing. It is similar to sendmail's BadRcptThrottle, but drops the connection. I implemented the feature, but have not had any hits since greylisting takes care of the problem. Here is the url: http://www.jmaimon.com/sendmail/patches/badrcpt_shutdown.v1.81301.patch Alex _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
