dealing with dictionary attacks

--[ UxBoD ]-- uxbod at
Mon Mar 5 11:10:03 CET 2007

On Mon, 05 Mar 2007 01:52:28 -0800
Chris Yuzik <itdept at> wrote:

> We're beginning to really try to harden our external mail server. 
> MailScanner is generally doing great.
> As I watch my maillog data flow up my screen, I'm seeing tons of "... 
> User unknown" messages and many of them are coming from a handful of IP 
> addresses.Obviously, I would like the server's bandwidth and cpu cycles 
> to be used for more productive things than dealing with what is (likely) 
> a zombie machine running through a list of possible accounts at our domain.
> Is there a trustworthy milter that will say, for example, "15 bad email 
> addresses to our server within an hour and bang...the sender is 
> blacklisted for say 36 hours"?
> Thanks

--[ UxBoD ]--
// PGP Key: "curl -s | gpg --import"
// Fingerprint: 543A E778 7F2D 98F1 3E50 9C1F F190 93E0 E8E8 0CF8
// Keyserver: Key-ID: 0xE8E80CF8
// SIP:uxbod at
// Phone:+44 845 869 2749

This message has been scanned for viruses and dangerous content by MailScanner, and is
believed to be clean.

More information about the MailScanner mailing list