directory harvest attack

Mike Kercher mike at CAMAROSS.NET
Tue May 13 14:31:38 IST 2003


This may be a job for David While's mailstats.pl script which works QUITE
well on my systems.

Mike


-----Original Message-----
From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK] On Behalf
Of Julian Field
Sent: Tuesday, May 13, 2003 4:48 AM
To: MAILSCANNER at JISCMAIL.AC.UK
Subject: Re: directory harvest attack


Ah, thanks.

MailScanner does not get involved with SMTP service provision. There are
already very good packages out there (your MTA) which do a perfectly good
job.

At 10:38 13/05/2003, you wrote:
>I presume he's talking about collection of addresses in a domain by 
>opening an SMTP session and attempting sends to common/dictionary 
>names.
>
>I just happened to notice some of this activity in my mail log and 
>added a reject action for the sender's IP to the sendmail access db. To 
>automate this would be cool - but I don't think MailScanner even sees 
>the message - based on how these harvesting tools seem to work.
>
>Craig
>
>On Tuesday, May 13, 2003, at 12:49  AM, Julian Field wrote:
>>At 03:02 13/05/2003, you wrote:
>>>Anyway to prevent 'directory harvest attacks' wtith mailscanner?
>>
>>Please explain rather more of what you would like to happen, what the 
>>problem is, and how it relates to MailScanner.
>>--
>>Julian Field
>>www.MailScanner.info
>>Professional Support Services at www.MailScanner.biz MailScanner 
>>thanks transtec Computers for their support
>>
>>--
>>This message checked for dangerous content by MailScanner on 
>>StrongBox.
>>
>---
>Craig Pratt
>Strongbox Network Services Inc.
>mailto:craig at strong-box.net
>
>
>--
>This message checked for dangerous content by MailScanner on StrongBox.

--
Julian Field
www.MailScanner.info
Professional Support Services at www.MailScanner.biz MailScanner thanks
transtec Computers for their support




More information about the MailScanner mailing list