Blacklist on email to
Matt Kettler
mkettler at evi-inc.com
Sun Mar 26 18:24:52 IST 2006
Chris Mason (Lists) wrote:
> Matt Kettler wrote:
>>
>> What MTA are you using?
>>
>> (answer varies considerably depending on MTA).
>>
> Sendmail
If you're doing local mailboxes with sendmail, it should already be verifying a
valid recipient at delivery time.
As for the dictionary attacks, sendmail has a really neat feature that kills
these off quick:
Add this section to your /etc/mail/sendmail.mc:
dnl #after 5 consecutive invalid recipients, start slowing them down with
dnl #1 second sleeps. This kills most dictionary attackers and they drop
dnl connection when the sleeps start.
define(`confBAD_RCPT_THROTTLE',5)
Then rebuild sendmail.cf based on the instructions that should be at the top of
sendmail.mc. (some platforms have a makefile so you just use "make", others you
have to pump it through m4)
More information about the MailScanner
mailing list