Will milter-greylist solve my directory harvest attacks?

[Stephen Swaney]

> -----Original Message-----
> From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK] On
> Behalf Of Matt Kettler
> Sent: Thursday, December 15, 2005 5:38 PM
> To: MAILSCANNER at JISCMAIL.AC.UK
> Subject: Re: Will milter-greylist solve my directory harvest attacks?
> 
> shuttlebox wrote:
> > On 12/15/05, *Matt Kettler* <mkettler at evi-inc.com
> > <mailto:mkettler at evi-inc.com>> wrote:
> >
> >     The BAD_RCPT_THROTTLE options is probably the most effective here.
> >     Here's a
> >     quick sendmail.mc <http://sendmail.mc> fragment for it:
> >
> >     #after 15 invalid recipients, start slowing them down with
> >     #1 second sleeps
> >     define(`confBAD_RCPT_THROTTLE',15)
> >
> >
> > But the gateway doesn't know if the recipient is valid or not, only if
> > it can deliver it to the next server. Do you mean together with
> > milter-sender or similar?
> 
> Further follow-up.. milter-sender is the exact opposite of what we're
> talking
> about here. That validates the sender, not the recipient.
> 
> Perhaps milter-ahead could be used here, but not milter-sender.
> 

You wouldn't think so but milter-sender is a "kitchen sink" milter and I
believe it actually include the functionality of milter-ahead. 

Take a look at new snertsoft (www.snertsoft.com) milter, milter-error. This
can block on errors and although I haven't tried it yet, I think it can help
stop the dictionary and other type of attacks. I'm looking forward to
testing it.

Steve

Stephen Swaney
Fort Systems Ltd.
stephen.swaney at fsl.com
www.fsl.com

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!