dealing with dictionary attacks

--[ UxBoD ]-- uxbod at splatnix.net
Mon Mar 5 11:10:03 CET 2007


On Mon, 05 Mar 2007 01:52:28 -0800
Chris Yuzik <itdept at fractalweb.com> wrote:

> We're beginning to really try to harden our external mail server. 
> MailScanner is generally doing great.
> 
> As I watch my maillog data flow up my screen, I'm seeing tons of "... 
> User unknown" messages and many of them are coming from a handful of IP 
> addresses.Obviously, I would like the server's bandwidth and cpu cycles 
> to be used for more productive things than dealing with what is (likely) 
> a zombie machine running through a list of possible accounts at our domain.
> 
> Is there a trustworthy milter that will say, for example, "15 bad email 
> addresses to our server within an hour and bang...the sender is 
> blacklisted for say 36 hours"?
> 
> Thanks
http://policyd.sourceforge.net

-- 
--[ UxBoD ]--
// PGP Key: "curl -s http://www.splatnix.net/uxbod.asc | gpg --import"
// Fingerprint: 543A E778 7F2D 98F1 3E50 9C1F F190 93E0 E8E8 0CF8
// Keyserver: www.keyserver.net Key-ID: 0xE8E80CF8
// SIP:uxbod at sip.splatnix.net
// Phone:+44 845 869 2749

-- 
This message has been scanned for viruses and dangerous content by MailScanner, and is
believed to be clean.



More information about the MailScanner mailing list