At 15.07 11/01/2005, you wrote:
Vpopmail 5.4.5, Mysql 3.23.54.  Also, I'm aware of Tonix's patch to
prevent invalid users BEFORE SMTPD accepts mail.  Am considering it, but
want to understand options if I'm willing to take the bandwidth hit but
not provide hints to dictionary attackers.

You may use CHKUSER intrusion thresholds to answer an "intruder rejection message" after "x" wrong rcpts (x is set by you).

I'm considering if and how to keep alive these thresholds throught following SMTP sessions coming from the same IP.

Any suggestion is welcome.


Reply via email to