Block dictionary attackers?
Furnish, Trever G
TGFurnish at herffjones.com
Sun Nov 19 00:20:34 GMT 2006
Can anyone point me to an effective means of automatically blocking
dictionary attackers in close-to-realtime?
By "dictionary attackers" I mean a connecting server that attempts
delivery to more than X invalid local recipients within a given
timeframe, which is almost always evidence that the connecting server is
attempting to guess valid email addresses.
My MTA is sendmail 8.12. Is Snertsoft's milter-report the best
approach?
My goal isn't so much to stop them from guessing valid email addresses
-- every spammer under the sun seems to already have the entire list --
it's to identify the sending server as a (slightly stupid) 'soldier of
the enemy'. :-)
--
Trever Furnish, tgfurnish at herffjones.com
Herff Jones, Inc. Unix / Network Administrator
Phone: 317.612.3519
Any sufficiently advanced technology is indistinguishable from Unix.
More information about the MailScanner
mailing list