Dear all,
Currently, there is a lot of spammers using special tools to generate
random users account to ISP domain([EMAIL PROTECTED],[EMAIL PROTECTED]@xx.com)
in order to create email bounced back bombed messages to a faked sender
address. This has created huge worked load to the email server and can
creat a huge mail queue in a very short time. I think that the best
approach is to drop the invalid users connection immediately and don't
creat bounced back message. I see that the current sendmail is using that
approach for protection.
However, the current qmail-smtpd do not have this options. Although this
implementation will create extra workload for the ldap lookup, I think
that it is still worthwhile to do in order to prevent email attacks from
others.
Any thoughts or comments!!
KC LO
