Blacklist on email to

Matt Kettler mkettler at evi-inc.com
Sun Mar 26 18:24:52 IST 2006


Chris Mason (Lists) wrote:
> Matt Kettler wrote:
>>
>> What MTA are you using?
>>
>> (answer varies considerably depending on MTA).
>>   
> Sendmail

If you're doing local mailboxes with sendmail, it should already be verifying a
valid recipient at delivery time.

As for the dictionary attacks, sendmail has a really neat feature that kills
these off quick:

Add this section to your /etc/mail/sendmail.mc:

dnl #after 5 consecutive invalid recipients, start slowing them down with
dnl #1 second sleeps. This kills most dictionary attackers and they drop
dnl connection when the sleeps start.
define(`confBAD_RCPT_THROTTLE',5)

Then rebuild sendmail.cf based on the instructions that should be at the top of
sendmail.mc. (some platforms have a makefile so you just use "make", others you
have to pump it through m4)


More information about the MailScanner mailing list