force autolearn

[Ken A]

Glenn Steen wrote:
> On 13/06/06, Dave <wintermutecx at gmail.com> wrote:
>> On 6/13/06, Drew Marshall <drew at themarshalls.co.uk> wrote:
>> > On Tue, June 13, 2006 16:54, Dave wrote:
>> > > I've been hit with a dictionary attack for generic accounts like 
>> uucp,
>> > > accounts, home, sales, etc. I have never used or plan to use these
>> > > accounts. Right now I have a rule that adds 5 to the score if sent to
>> > > those accounts but I would like to have them autolearned as well. 
>> From
>> > > what I've read, custom rules are not used in the autolearn threshold
>> > > count. Is that true?
>> >
>> > Why not just reject these (And all other unknown users) at your MTA? 
>> Save
>> > all the processing overhead and protect your server from a really big
>> > directory attack.
>>
>>  I don't deliver mail with a spam score greater then 6, nor are they
>> rejected. Does Mailscanner check to see if it's a valid user before
>> spam scoring?
> No, but you can teach your MTA how to do it (be it Postfix, Exim or
> Sendmail.... Well, the latter may need a milter to do it:)... 

The sendmail access db works too, though you have to do some scripting 
to generate it from your password db.
Ken A
Pacific.Net


After
> all, the mails are clearly not for you/your users, and (if it is a
> real MTA sending) it'll be safe to reject, since the sender will then
> generate an NDN to the sender... You have no obligation (at all) to
> handle these. So don't, by rejecting them.
>