How to defeat address harvesting; like this..???

Mike Kercher mike at CAMAROSS.NET
Thu Jun 9 17:03:27 IST 2005


DNSAdmin <> scribbled on Thursday, June 09, 2005 10:59 AM:

> Hello All,
> 
> Less than 24 hours of changing over a domain to a new mail server,
> and I've got a gnat I need to swat! 
> 
>> Unknown users:
>> 
>>   arnold@******.com
>>      from [222.233.140.203]    1 time(s).
>> 
>>    bowen@******.com
>>      from [222.233.140.203]    1 time(s).
>> 
>>    boyd@******.com
>>      from [222.233.140.203]    1 time(s).
>> 
> (List condensed for mail list purposes. They tried to guess about 20
> users last night) 
> 
> This is a harvesting attack to determine valid usernames to compile a
> spam list. 
> 
> How do I defeat this??? Any decent suggestions appreciated! I might
> even consider the baseball bat if he/she were in my backyard! 
> 
> I have CentOS 3.4, Sendmail 8.12, MailScanner 4.41, SpamAssassin 2.55
> 
> TIA!
> Glenn Parsons

In /etc/mail/sendmail.mc:

define(`confBAD_RCPT_THROTTLE',`1')dnl

This will start throttling those connections.

Mike

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!




More information about the MailScanner mailing list