At 04:15 PM 6/13/2001 , Darrin Cardani wrote:
>I recently found this in my logs:
>
>...
>22:24:13 1 SMTP-660(ett00.tass.or.jp) Recipient '<[EMAIL PROTECTED]>'
>rejected: user unknown
>22:24:13 1 SMTP-660(ett00.tass.or.jp) Recipient '<[EMAIL PROTECTED]>'
><snip>
>22:24:20 1 SMTP-661(ett00.tass.or.jp) Recipient
>'<[EMAIL PROTECTED]>' rejected: user unknown
>22:24:20 1 SMTP-661(ett00.tass.or.jp) Recipient '<[EMAIL PROTECTED]>'
>rejected: user unknown
>...
>
>and a whole bunch more of the same. Obviously, this person is mining for
>valid addresses. What should I do about this? I don't want to allow this
>person to ever connect to my mail server again, so how do I block them?
>
>Also, people here have mentioned blocking dial-up IP addresses. Where does
>the dial-up list exist, and what are the pros and cons of using it?
I think you are running v1.7.
In v1.8b8 you would have eventually seen a message saying that the source
was being temp banned and then the following messages would have indicated
a 500 error and that the source was suspected of address harvesting.
Also in v1.8b8 is the ability to specify a list of RBL servers. MAPS
maintains a RBL that contains entries for a large number (but not all) IP
addresses associated with dial up user lines.
v1.8b8 is available on the Stalker FTP site, but is not shown if you use
web access. v1.8b8 is very solid. I think it has been a year since I
started using it and I cannot trace a single crash to it.
#############################################################
This message is sent to you because you are subscribed to
the mailing list <[EMAIL PROTECTED]>.
To unsubscribe, E-mail to: <[EMAIL PROTECTED]>
To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]>
To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]>
Send administrative queries to <[EMAIL PROTECTED]>
