dealing with dictionary attacks
itdept at fractalweb.com
Mon Mar 5 10:52:28 CET 2007
We're beginning to really try to harden our external mail server.
MailScanner is generally doing great.
As I watch my maillog data flow up my screen, I'm seeing tons of "...
User unknown" messages and many of them are coming from a handful of IP
addresses.Obviously, I would like the server's bandwidth and cpu cycles
to be used for more productive things than dealing with what is (likely)
a zombie machine running through a list of possible accounts at our domain.
Is there a trustworthy milter that will say, for example, "15 bad email
addresses to our server within an hour and bang...the sender is
blacklisted for say 36 hours"?
More information about the MailScanner