How to defeat address harvesting; like this..???
Mike Kercher
mike at CAMAROSS.NET
Thu Jun 9 17:03:27 IST 2005
DNSAdmin <> scribbled on Thursday, June 09, 2005 10:59 AM:
> Hello All,
>
> Less than 24 hours of changing over a domain to a new mail server,
> and I've got a gnat I need to swat!
>
>> Unknown users:
>>
>> arnold@******.com
>> from [222.233.140.203] 1 time(s).
>>
>> bowen@******.com
>> from [222.233.140.203] 1 time(s).
>>
>> boyd@******.com
>> from [222.233.140.203] 1 time(s).
>>
> (List condensed for mail list purposes. They tried to guess about 20
> users last night)
>
> This is a harvesting attack to determine valid usernames to compile a
> spam list.
>
> How do I defeat this??? Any decent suggestions appreciated! I might
> even consider the baseball bat if he/she were in my backyard!
>
> I have CentOS 3.4, Sendmail 8.12, MailScanner 4.41, SpamAssassin 2.55
>
> TIA!
> Glenn Parsons
In /etc/mail/sendmail.mc:
define(`confBAD_RCPT_THROTTLE',`1')dnl
This will start throttling those connections.
Mike
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list