On Tue, 2004-07-20 at 14:45, Rakesh wrote:
> Robert
>
> This concept has to be implemented at the MTA level which will be before
> the mail is sent to SpamAssassin for checks. The blocking of IP address
> has to be done at the time of establishment of connection from a remote
> server to your machine. The punch line is "If you recieve too many spams
> from a remote server which the SpamAssassin is not able to detect then
> simply block the IP address of the remote server at the MTA level
> itself." You can easily get the IP address of the spam originating
> server from the log files or the header of the spam mails. As of
> restarting any services I don't know much about Qmail but in case of
> Sendmail a makemap hash and in Postfix postmap does the job for you, no
> need to restart the MTA in tht case.
>
> regards
> Rakesh
>
>
With such a setup would it become possible for a black hat to fake an
particular MTA's address, send lots of spam to a target site, and have
the target site block that MTA's address? Kind of a DOS attack using
your own tools.
--
Scot L. Harris
[EMAIL PROTECTED]
But hey, at the end of the day, numbers rule.
- Linus Torvalds on linux-kernel
