Blacklist on email to
mkettler at evi-inc.com
Sun Mar 26 18:24:52 IST 2006
Chris Mason (Lists) wrote:
> Matt Kettler wrote:
>> What MTA are you using?
>> (answer varies considerably depending on MTA).
If you're doing local mailboxes with sendmail, it should already be verifying a
valid recipient at delivery time.
As for the dictionary attacks, sendmail has a really neat feature that kills
these off quick:
Add this section to your /etc/mail/sendmail.mc:
dnl #after 5 consecutive invalid recipients, start slowing them down with
dnl #1 second sleeps. This kills most dictionary attackers and they drop
dnl connection when the sleeps start.
Then rebuild sendmail.cf based on the instructions that should be at the top of
sendmail.mc. (some platforms have a makefile so you just use "make", others you
have to pump it through m4)
More information about the MailScanner